glebec
commented
8 years ago For the project maintainers: looks like you can fully support CORS by implementing OPTIONS requests so that preflight requests pass.
Closed bgergen closed 8 years ago
glebec
commented
8 years ago For the project maintainers: looks like you can fully support CORS by implementing OPTIONS requests so that preflight requests pass.
prasmussen
commented
8 years ago Yeah it should be easy to enable, but keep in mind that using CORS will expose your api key to anyone using the site. I will look at it later this week, if you need a temporary fix I know there exists browser extensions for chrome at least that will allow cross origin requests.
bgergen
commented
8 years ago Thanks, @prasmussen. Yes, I can see why using CORS might be a bad idea here. Thanks for the response!
ohnova
commented
7 years ago Unfortunately, I can't find how to enable CORS.
I just added belows in root_resource.erl,
options(Req, State) ->
http_util:add_cors_headers(Req),
{ok, Req, State}.Where should I call add_cors_headers/1, would be appreciated.
I am using the glot-run API for a web app that executes user-written code in a Docker container. When I try to make a $https request to the API from my Angular factory, I get the following CORS preflight error:
"XMLHttpRequest cannot load https://run.glot.io/languages/javascript/latest. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://localhost:1337' is therefore not allowed access. The response had HTTP status code 405."
I see that code is included in the http_util file that seems to be written to handle this issue, but it does not seem to be allowing for the request I am trying to make to the API. @glebec