turt2live / evelium

A matrix chat client to facilitate communication among communities, organizations, and individuals
https://evelium.io
GNU General Public License v3.0

CORS Support #96

Closed mcrosson closed 6 years ago

mcrosson commented 6 years ago

Any chance you can implement the with-credential options for the HTTP client? I tried patching the code but am not familiar with nodejs/npm/angular dev and was unsuccessful in my attempts.

From my online searches it looks like the following can be used as a starting point. (See the last comment)

https://stackoverflow.com/questions/47345282/how-to-add-cors-request-in-header-in-angular-5

This is necessary when working with CORS enabled domain(s).

turt2live commented 6 years ago

It should already be working with domains that use CORS. The headers should be sent by the server, and the client shouldn't have to do anything special.

mcrosson commented 6 years ago

I'm trying to run evelium on a sub-domain and when it goes to reach out to domain.tld/.well-known/matrix/client it's getting denied errors in the console on the CORS header(s) not being present.

Then it falls back to domain.tld instead of matrix.domain.tld and subsequently fails as my sydent instance is on the sub-domain.

turt2live commented 6 years ago

If there's nothing at /.well-known/matrix/client (which should be a json file) then the browser has no choice but to decline the request (even though it'll receive a 404 anyways, which will also cause a similar code path).

Is there something at domain.tld/.well-known/matrix/client?

mcrosson commented 6 years ago

Yes, I set up https://kemonine.info/.well-known/matrix/client and it points to my matrix server and identity server

turt2live commented 6 years ago

It sounds like your web server isn't returning the required headers to allow Evelium to use the resource then. Something like this should work:

```
Access-Control-Allow-Origin: *   // or chat.kemonine.info, or whatever your subdomain is
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Origin, Content-Type, Authorization
```

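
The header requirement discussed in this thread, as an added example that is not part of the original issue or of Evelium's code: a model of the check a browser applies to a cross-origin response, covering both the plain request and the with-credentials case raised in the first comment. The `https://chat.kemonine.info` origin (scheme assumed) and all sample responses are constructed for illustration.

```javascript
// Models the browser's CORS check on a cross-origin response.
// Header names are expected lower-cased, as Node and fetch expose them.
function corsCheck(requestOrigin, headers, withCredentials = false) {
  const allowOrigin = headers['access-control-allow-origin'];
  if (allowOrigin === undefined) {
    return { allowed: false, reason: 'Access-Control-Allow-Origin missing' };
  }
  if (!withCredentials && allowOrigin === '*') {
    return { allowed: true, reason: 'wildcard accepted without credentials' };
  }
  if (allowOrigin !== requestOrigin) {
    const reason = allowOrigin === '*'
      ? 'wildcard is rejected when credentials are sent'
      : `origin mismatch: server sent "${allowOrigin}"`;
    return { allowed: false, reason };
  }
  if (!withCredentials) return { allowed: true, reason: 'origin matches' };
  if (headers['access-control-allow-credentials'] !== 'true') {
    return { allowed: false, reason: 'Access-Control-Allow-Credentials not "true"' };
  }
  return { allowed: true, reason: 'origin matches, credentials allowed' };
}

// Constructed sample responses for GET /.well-known/matrix/client.
const ORIGIN = 'https://chat.kemonine.info'; // assumed client origin
const SAMPLES = {
  noHeader: {},                                           // state reported in the issue
  wildcard: { 'access-control-allow-origin': '*' },
  bareHost: { 'access-control-allow-origin': 'chat.kemonine.info' }, // no scheme
  exact: { 'access-control-allow-origin': ORIGIN },
  exactWithCreds: {
    'access-control-allow-origin': ORIGIN,
    'access-control-allow-credentials': 'true',
  },
};

// Returns { sampleName: { plain, credentialed } } for every sample response.
function auditSamples() {
  const out = {};
  for (const [name, headers] of Object.entries(SAMPLES)) {
    out[name] = {
      plain: corsCheck(ORIGIN, headers, false),
      credentialed: corsCheck(ORIGIN, headers, true),
    };
  }
  return out;
}

console.log(JSON.stringify(auditSamples(), null, 2));
```

The wildcard satisfies a plain request but not a credentialed one, and a value without the scheme never equals the browser's serialized origin.
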
mcrosson commented 6 years ago

Closing, this appears to be on my end with CORS stuff...

Thank you for your time and patience with a newb question.

turt2live commented 6 years ago

No problem! I'm glad it's an easy fix.