Re: [Catalyst] Access-Control-Allow-Origin
If you have a front end web server then you can let it handle the CORS for you and don't worry about it in your app, I've used the approach in https://awesometoast.com/cors/ with success for apache, I've heard it's also pretty straightforward for nginx. This way you avoid a full catalyst request for the preflights. On Mon, 18 Jun 2018 at 18:06 João André Simioni wrote: > I use the following code to allow all origins: > > $c->response->header('Access-Control-Allow-Origin' => > $c->req->header('origin')); > $c->response->header('Access-Control-Allow-Methods' => > 'GET,POST,OPTIONS'); > $c->response->header('Access-Control-Allow-Headers' => > 'accept,content-type'); > $c->response->header('Access-Control-Allow-Credentials' => 'true'); > > if ($c->req->method eq 'OPTIONS') { > $c->stash(jsonrpc_output => { result => 'CORS Workaround' }); > return; > } > > > On Mon, Jun 18, 2018 at 3:34 AM, Theo Bot wrote: > >> David, >> >> It is routed to the default en routine: >> >> sub end :ActionClass('RenderView') { >> my($self,$c) = @_; >> } >> >> On Fri, Jun 15, 2018 at 3:07 PM, David Dorward >> wrote: >> >>> cOn 15 Jun 2018, at 13:54, Theo Bot wrote: >>> Can anybody tell me to to add an "Access-Control-Allow-Origin" in the header: I've tried "$c->response->header('Access-Control-Allow-Origin' => '*'); >>> >>> That's how you do it. >>> >>> But I don't see it in the response >>> >>> Is that line of code actually running for the response? >>> >>> Have you put it on the wrong route by mistake? >>> >>> Are you putting it on the response for a POST or GET request when the >>> browser is making a preflight OPTIONS request which isn't being handled by >>> that? >>> >>> ___ >>> List: Catalyst@lists.scsys.co.uk >>> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst >>> Searchable archive: >>> http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ >>> Dev site: http://dev.catalyst.perl.org/ >>> >> >> >> >> -- >> Met vriendelijke groet, >> >> Theo Bot >> >> >> ___ >> List: Catalyst@lists.scsys.co.uk >> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst >> Searchable archive: >> http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ >> Dev site: http://dev.catalyst.perl.org/ >> >> > > > -- > João André Simioni > jasimi...@gmail.com > ___ > List: Catalyst@lists.scsys.co.uk > Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst > Searchable archive: > http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ > Dev site: http://dev.catalyst.perl.org/ > ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Access-Control-Allow-Origin
I use the following code to allow all origins: $c->response->header('Access-Control-Allow-Origin' => $c->req->header('origin')); $c->response->header('Access-Control-Allow-Methods' => 'GET,POST,OPTIONS'); $c->response->header('Access-Control-Allow-Headers' => 'accept,content-type'); $c->response->header('Access-Control-Allow-Credentials' => 'true'); if ($c->req->method eq 'OPTIONS') { $c->stash(jsonrpc_output => { result => 'CORS Workaround' }); return; } On Mon, Jun 18, 2018 at 3:34 AM, Theo Bot wrote: > David, > > It is routed to the default en routine: > > sub end :ActionClass('RenderView') { > my($self,$c) = @_; > } > > On Fri, Jun 15, 2018 at 3:07 PM, David Dorward > wrote: > >> cOn 15 Jun 2018, at 13:54, Theo Bot wrote: >> >>> Can anybody tell me to to add an "Access-Control-Allow-Origin" in the >>> header: >>> >>> I've tried "$c->response->header('Access-Control-Allow-Origin' => '*'); >>> >> >> That's how you do it. >> >> But I don't see it in the response >>> >> >> Is that line of code actually running for the response? >> >> Have you put it on the wrong route by mistake? >> >> Are you putting it on the response for a POST or GET request when the >> browser is making a preflight OPTIONS request which isn't being handled by >> that? >> >> ___ >> List: Catalyst@lists.scsys.co.uk >> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst >> Searchable archive: http://www.mail-archive.com/ca >> tal...@lists.scsys.co.uk/ >> Dev site: http://dev.catalyst.perl.org/ >> > > > > -- > Met vriendelijke groet, > > Theo Bot > > > ___ > List: Catalyst@lists.scsys.co.uk > Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst > Searchable archive: http://www.mail-archive.com/ > catalyst@lists.scsys.co.uk/ > Dev site: http://dev.catalyst.perl.org/ > > -- João André Simioni jasimi...@gmail.com ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Access-Control-Allow-Origin
David, It is routed to the default en routine: sub end :ActionClass('RenderView') { my($self,$c) = @_; } On Fri, Jun 15, 2018 at 3:07 PM, David Dorward wrote: > cOn 15 Jun 2018, at 13:54, Theo Bot wrote: > >> Can anybody tell me to to add an "Access-Control-Allow-Origin" in the >> header: >> >> I've tried "$c->response->header('Access-Control-Allow-Origin' => '*'); >> > > That's how you do it. > > But I don't see it in the response >> > > Is that line of code actually running for the response? > > Have you put it on the wrong route by mistake? > > Are you putting it on the response for a POST or GET request when the > browser is making a preflight OPTIONS request which isn't being handled by > that? > > ___ > List: Catalyst@lists.scsys.co.uk > Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst > Searchable archive: http://www.mail-archive.com/ca > tal...@lists.scsys.co.uk/ > Dev site: http://dev.catalyst.perl.org/ > -- Met vriendelijke groet, Theo Bot ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Access-Control-Allow-Origin
On Fri, Jun 15, 2018, 15:25 David Dorward wrote: > cOn 15 Jun 2018, at 13:54, Theo Bot wrote: > > Can anybody tell me to to add an "Access-Control-Allow-Origin" in the > > header: > > > > I've tried "$c->response->header('Access-Control-Allow-Origin' => > > '*'); > > That's how you do it. > > > But I don't see it in the response > > Is that line of code actually running for the response? Yes > > Have you put it on the wrong route by mistake? ?? > > Are you putting it on the response for a POST or GET request when the > browser is making a preflight OPTIONS request which isn't being handled > by that? An Ajax (jqeury) post request. > > ___ > List: Catalyst@lists.scsys.co.uk > Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst > Searchable archive: > http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ > Dev site: http://dev.catalyst.perl.org/ > ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Access-Control-Allow-Origin
You can also consider using a Plack middleware: https://metacpan.org/pod/Plack::Middleware::CrossOrigin Cheers, -- Dimi On Fri, Jun 15, 2018 at 3:07 PM, David Dorward wrote: > cOn 15 Jun 2018, at 13:54, Theo Bot wrote: > >> Can anybody tell me to to add an "Access-Control-Allow-Origin" in the >> header: >> >> I've tried "$c->response->header('Access-Control-Allow-Origin' => '*'); >> > > That's how you do it. > > But I don't see it in the response >> > > Is that line of code actually running for the response? > > Have you put it on the wrong route by mistake? > > Are you putting it on the response for a POST or GET request when the > browser is making a preflight OPTIONS request which isn't being handled by > that? > > ___ > List: Catalyst@lists.scsys.co.uk > Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst > Searchable archive: http://www.mail-archive.com/ca > tal...@lists.scsys.co.uk/ > Dev site: http://dev.catalyst.perl.org/ > ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Access-Control-Allow-Origin
cOn 15 Jun 2018, at 13:54, Theo Bot wrote: Can anybody tell me to to add an "Access-Control-Allow-Origin" in the header: I've tried "$c->response->header('Access-Control-Allow-Origin' => '*'); That's how you do it. But I don't see it in the response Is that line of code actually running for the response? Have you put it on the wrong route by mistake? Are you putting it on the response for a POST or GET request when the browser is making a preflight OPTIONS request which isn't being handled by that? ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/