Closed benjamine closed 13 years ago
I'm working with a mongodb+node.js+mongodb-rest in a virtual machine, and a website accesing it on my local machine, so this feature became mandatory to me.
Haven't had a lot of time, but looks good! I'll have a more thorough look very soon and very likely merge.
In this commit I added the support for cross origin requests. In order to allow this I added a block to config.json that enables cross-origin requests and allows to specify http methods allowed and an specific source domain ("*" means anyone). I had to move the load of config.json earlier on the server startup to use this config values on the accesscontrol module I added. Cross Origin http requests must contain an "Origin" header, most modern browsers already take care of this when a cross origin request is detected.
This allows to make ajax callbacks from a web browser (eg. with jquery) from pages in different domains that our server, typically this is used for creating javascript widgets (ie. Google Maps, Twitter box, etc.), or give access to other third party aplications.
ps: I'm a newbie to node.js (and to github!) so please don't hesitate in suggesting any modification. Regards