search

karlheyes / icecast-kh

KH branch of icecast
GNU General Public License v2.0
298 stars 106 forks source link

CORS and withCredentials flag #300

Closed waster closed 3 years ago

waster commented 4 years ago

Hello,

For CORS requests Icecast always returns Access-Control-Allow-Origin: * header. Bit it does not work with XHR requests from browsers that have withCredentials flag (for cookie support for example). Server must return two headers when this flag was set:

Access-Control-Allow-Origin: ORIGIN
Access-Control-Allow-Credentials: true

Is it possible to add support for such requests, may be some configuration directive?

karlheyes commented 4 years ago

Can you check the kh15 release to verify that is working as expected.

karl

waster commented 3 years ago

Thanks! Seems to be working now.