tl;dr if you don't have user accounts everything should just work. If you're trying to have user accounts and use the Auth plugin, you will need to create a token endpoint and it needs to be CORS enabled with credentials. On Oct 10, 2014 9:57 AM, "Randall Leeds" <[email protected]> wrote:
> On Oct 10, 2014 9:12 AM, "Robert Sanderson" <[email protected]> wrote: > > > > > > This: http://enable-cors.org/ > > > > Or, TL;DR ... add a header to the response: Access-Control-Allow-Origin: > * > > > > If you're using the auth plugin you need to do more than this. > > You just also allow credentialed requests and allow the > X-Annotator-Auth-Token header. > > However, if you're using the annotator-store flask application it sets > these for you. You do not need to do anything with apache. > > The only exception is that if you do implement authentication, you need to > provide a token route, which is not built in to annotator-store (although > the functions you need to do so are in the annotator.auth module). > > Tell us about any questions you have if this is unclear. > > There is documentation here: > http://docs.annotatorjs.org/en/v1.2.x/authentication.html > > If your token endpoint is on the same origin as the page you're > annotating, you don't have to worry about CORS there. > > If you're trying to use the bookmarklet or some other way are hoping to > annotate pages on a different domain, you will need to set appropriate CORS > headers for the token route. I'd be happy to assist you further if that's > the case. >
_______________________________________________ annotator-dev mailing list [email protected] https://lists.okfn.org/mailman/listinfo/annotator-dev Unsubscribe: https://lists.okfn.org/mailman/options/annotator-dev
