okleine / nCoAP

Java implementation of the CoAP protocol using netty
BSD 3-Clause "New" or "Revised" License
179 stars 57 forks source link

Headers: Access-Control-Allow #15

Closed boldt closed 11 years ago

boldt commented 12 years ago

If we run a POST request (e.g. to an node in the Spitfire SSP) with Chrome, it somehow does not work. Probably the HTTP response must set some additional CORS headers. This should be done with an additional flag on the Response, such as setAccessControlAllow(true):

Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

The * is a security risk, but it should work as a first workaround.

See:

okleine commented 11 years ago

Not a nCoAP issue.

boldt commented 11 years ago

AFAIK, I pushed it already to the SSP.

okleine commented 11 years ago

Yes, but this is not related to the nCoAP project.