Open martybetz opened 3 days ago
I think you're doing everything right, and you've found a limitation in Galene's administrative interface.
Currently, the publicServer
directive allows cross-site access to the videoconferencing protocols (both the native protocol and WHIP). However, it does nothing to the administrative interface.
Do we want to allow cross-site access to the administrative interface when publicServer
is set, or should that be controlled by a different directive?
Ah. That makes sense. Thanks
I'm not very familiar with WHIP use cases, but for client communication I think allowing a specific CORS origin domain would be valuable, as opposed rarely desired fully public access. And I could imagine a separate, parallel need for private or open WHIP access.
So, I'm envisioning the config file might allow for something like: ClientCorsAccess: "*" or "http://domain:7701" etc
Again, I'm not an expert, so I'm very open to other perspectives.
In data/config.json, I set {publicServer:true}. I then ran: galene -insecure -turn 192.168.4.23:1194
So, Galene server and simple examples are now running fine on http://localhost:8443
But my intention is to use it from pages hosted on another local webserver. localhost:7701. I tried to get the simple example/example.html static page working from there. Naturally, in example.js, I needed to use "await start("http://localhost:8443/group/public/");" That's fine.
But then I still get a CORS error when my :7701 hosted js needs to fetch("http://localhost:8443/group/public/.status") I think there is a bug with CORS access of ".status". It seems webserver/webserver.go fails to set the header for Allow-Origin properly when the requested file is ".status":
By adding the following code into groupStatusHandler(),
everything works perfectly. Am I doing something wrong? Did I find a bug? -Marty