Re: [Catalyst] Access-Control-Allow-Origin

2018-06-19 Thread Scott Thomson
If you have a front end web server then you can let it handle the CORS for
you and don't worry about it in your app, I've used the approach in
https://awesometoast.com/cors/ with success for apache, I've heard it's
also pretty straightforward for nginx. This way you avoid a full catalyst
request for the preflights.


On Mon, 18 Jun 2018 at 18:06 João André Simioni  wrote:

> I use the following code to allow all origins:
>
> $c->response->header('Access-Control-Allow-Origin'  =>
> $c->req->header('origin'));
> $c->response->header('Access-Control-Allow-Methods' =>
> 'GET,POST,OPTIONS');
> $c->response->header('Access-Control-Allow-Headers' =>
> 'accept,content-type');
> $c->response->header('Access-Control-Allow-Credentials' => 'true');
>
> if ($c->req->method eq 'OPTIONS') {
> $c->stash(jsonrpc_output => { result => 'CORS Workaround' });
> return;
> }
>
>
> On Mon, Jun 18, 2018 at 3:34 AM, Theo Bot  wrote:
>
>> David,
>>
>> It is routed to the default en routine:
>>
>> sub end :ActionClass('RenderView') {
>>  my($self,$c) = @_;
>> }
>>
>> On Fri, Jun 15, 2018 at 3:07 PM, David Dorward 
>> wrote:
>>
>>> cOn 15 Jun 2018, at 13:54, Theo Bot wrote:
>>>
 Can anybody tell me to to add an "Access-Control-Allow-Origin" in the
 header:

 I've tried "$c->response->header('Access-Control-Allow-Origin' => '*');

>>>
>>> That's how you do it.
>>>
>>> But I don't see it in the response

>>>
>>> Is that line of code actually running for the response?
>>>
>>> Have you put it on the wrong route by mistake?
>>>
>>> Are you putting it on the response for a POST or GET request when the
>>> browser is making a preflight OPTIONS request which isn't being handled by
>>> that?
>>>
>>> ___
>>> List: Catalyst@lists.scsys.co.uk
>>> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
>>> Searchable archive:
>>> http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
>>> Dev site: http://dev.catalyst.perl.org/
>>>
>>
>>
>>
>> --
>> Met vriendelijke groet,
>>
>> Theo Bot
>>
>>
>> ___
>> List: Catalyst@lists.scsys.co.uk
>> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
>> Searchable archive:
>> http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
>> Dev site: http://dev.catalyst.perl.org/
>>
>>
>
>
> --
> João André Simioni
> jasimi...@gmail.com
> ___
> List: Catalyst@lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive:
> http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/
>
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


Re: [Catalyst] Access-Control-Allow-Origin

2018-06-18 Thread João André Simioni
I use the following code to allow all origins:

$c->response->header('Access-Control-Allow-Origin'  =>
$c->req->header('origin'));
$c->response->header('Access-Control-Allow-Methods' =>
'GET,POST,OPTIONS');
$c->response->header('Access-Control-Allow-Headers' =>
'accept,content-type');
$c->response->header('Access-Control-Allow-Credentials' => 'true');

if ($c->req->method eq 'OPTIONS') {
$c->stash(jsonrpc_output => { result => 'CORS Workaround' });
return;
}


On Mon, Jun 18, 2018 at 3:34 AM, Theo Bot  wrote:

> David,
>
> It is routed to the default en routine:
>
> sub end :ActionClass('RenderView') {
>  my($self,$c) = @_;
> }
>
> On Fri, Jun 15, 2018 at 3:07 PM, David Dorward 
> wrote:
>
>> cOn 15 Jun 2018, at 13:54, Theo Bot wrote:
>>
>>> Can anybody tell me to to add an "Access-Control-Allow-Origin" in the
>>> header:
>>>
>>> I've tried "$c->response->header('Access-Control-Allow-Origin' => '*');
>>>
>>
>> That's how you do it.
>>
>> But I don't see it in the response
>>>
>>
>> Is that line of code actually running for the response?
>>
>> Have you put it on the wrong route by mistake?
>>
>> Are you putting it on the response for a POST or GET request when the
>> browser is making a preflight OPTIONS request which isn't being handled by
>> that?
>>
>> ___
>> List: Catalyst@lists.scsys.co.uk
>> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
>> Searchable archive: http://www.mail-archive.com/ca
>> tal...@lists.scsys.co.uk/
>> Dev site: http://dev.catalyst.perl.org/
>>
>
>
>
> --
> Met vriendelijke groet,
>
> Theo Bot
>
>
> ___
> List: Catalyst@lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/
> catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/
>
>


-- 
João André Simioni
jasimi...@gmail.com
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


Re: [Catalyst] Access-Control-Allow-Origin

2018-06-18 Thread Theo Bot
David,

It is routed to the default en routine:

sub end :ActionClass('RenderView') {
 my($self,$c) = @_;
}

On Fri, Jun 15, 2018 at 3:07 PM, David Dorward  wrote:

> cOn 15 Jun 2018, at 13:54, Theo Bot wrote:
>
>> Can anybody tell me to to add an "Access-Control-Allow-Origin" in the
>> header:
>>
>> I've tried "$c->response->header('Access-Control-Allow-Origin' => '*');
>>
>
> That's how you do it.
>
> But I don't see it in the response
>>
>
> Is that line of code actually running for the response?
>
> Have you put it on the wrong route by mistake?
>
> Are you putting it on the response for a POST or GET request when the
> browser is making a preflight OPTIONS request which isn't being handled by
> that?
>
> ___
> List: Catalyst@lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/ca
> tal...@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/
>



-- 
Met vriendelijke groet,

Theo Bot
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


Re: [Catalyst] Access-Control-Allow-Origin

2018-06-16 Thread Theo Bot
On Fri, Jun 15, 2018, 15:25 David Dorward  wrote:

> cOn 15 Jun 2018, at 13:54, Theo Bot wrote:
> > Can anybody tell me to to add an "Access-Control-Allow-Origin" in the
> > header:
> >
> > I've tried "$c->response->header('Access-Control-Allow-Origin' =>
> > '*');
>
> That's how you do it.
>
> > But I don't see it in the response
>
> Is that line of code actually running for the response? Yes
>
> Have you put it on the wrong route by mistake? ??
>
> Are you putting it on the response for a POST or GET request when the
> browser is making a preflight OPTIONS request which isn't being handled
> by that? An Ajax (jqeury) post request.
>
> ___
> List: Catalyst@lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive:
> http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/
>
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


Re: [Catalyst] Access-Control-Allow-Origin

2018-06-15 Thread Dimitar Petrov
You can also consider using a Plack middleware:
https://metacpan.org/pod/Plack::Middleware::CrossOrigin

Cheers,
-- Dimi

On Fri, Jun 15, 2018 at 3:07 PM, David Dorward  wrote:

> cOn 15 Jun 2018, at 13:54, Theo Bot wrote:
>
>> Can anybody tell me to to add an "Access-Control-Allow-Origin" in the
>> header:
>>
>> I've tried "$c->response->header('Access-Control-Allow-Origin' => '*');
>>
>
> That's how you do it.
>
> But I don't see it in the response
>>
>
> Is that line of code actually running for the response?
>
> Have you put it on the wrong route by mistake?
>
> Are you putting it on the response for a POST or GET request when the
> browser is making a preflight OPTIONS request which isn't being handled by
> that?
>
> ___
> List: Catalyst@lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/ca
> tal...@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/
>
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/


Re: [Catalyst] Access-Control-Allow-Origin

2018-06-15 Thread David Dorward

cOn 15 Jun 2018, at 13:54, Theo Bot wrote:

Can anybody tell me to to add an "Access-Control-Allow-Origin" in the
header:

I've tried "$c->response->header('Access-Control-Allow-Origin' => 
'*');


That's how you do it.


But I don't see it in the response


Is that line of code actually running for the response?

Have you put it on the wrong route by mistake?

Are you putting it on the response for a POST or GET request when the 
browser is making a preflight OPTIONS request which isn't being handled 
by that?


___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/