Adds CORS headers - Githubissues

webcompat / webcompat-metrics-server

Server in charge of delivering different data to the webcompat-metrics-client

Mozilla Public License 2.0

6 stars 5 forks source link

Adds CORS headers #26

Closed karlcow closed 6 years ago

karlcow commented 6 years ago

Allow https://webcompat.github.io/webcompat-metrics-client/ to fetch http://webcompat-metrics.herokuapp.com/data/needsdiagnosis-timeline so @magsout client is working.

magsout commented 6 years ago

Thanks <3 ;)

miketaylr commented 6 years ago

Over at https://webcompat.github.io/webcompat-metrics-client/?from=2018-05-19&to=2018-06-19 I see:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://webcompat-metrics.herokuapp.com/data/needsdiagnosis-timeline?from=2018-05-19&to=2018-06-19. (Reason: expected ‘true’ in CORS header ‘Access-Control-Allow-Credentials’).

Unsure if expected or not.

karlcow commented 6 years ago

Yup seen that. Usually it's because of cookies no? or is it mandatory because of HTTPS?

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials

Credentials are cookies, authorization headers or TLS client certificates.

bingo TLS

Let's open a new issue.

karlcow commented 6 years ago

Opened #29 Thanks @miketaylr