Way to set Header set Access-Control-Allow-Origin "*" for CORS

[oldwired]

Is your feature request related to a problem? Please describe. I host nominatim on a server, but want to use not only the API programmatically but call it via https://github.com/perliedman/leaflet-control-geocoder from leaflet maps hosted on other domains or locally. But that fails due to the CORS policy.

Access to XMLHttpRequest at 'https://g***.l***.cloud/search?q=Schulstra%C3%9Fe%201%2C%20Bermatingen&limit=5&format=json&addressdetails=1' from origin 'http://localhost:63342' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Describe the solution you'd like An option to set Header set Access-Control-Allow-Origin "*" in the apache.conf See how the popular overv/openstreetmap-tile-server handles it: https://github.com/Overv/openstreetmap-tile-server/commit/451f335bc599e1f7c136d15b241905808c5084ab

Describe alternatives you've considered I could perhaps add this header via a reverse proxy

[leonardehrenfried]

I would be totally fine with an option to enable cors. I'd even enable it by default.

[oldwired]

The ticket might have been premature. I'm not sure if that's the problem. When I try the "naked" request in Postman (or just via the browser address bar) the Access-Control-Allow-Origin * header is present. There must be something else wrong. Perhaps the problem is with the geocoding plugin I use.

[leonardehrenfried]

Did you find out something? Can we close this?

[oldwired]

Oh yes, like I wrote. I found that it is enabled. So there must be something wrong either with the geocoding plugin I use, or how I use it.

[tHesTx]

Have you found a solution?