Feature #852
Implement cross domain javascript API
| Status: | Rejected | Start date: | 01/24/2012 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: |  Hein Rigolo | % Done: | 0% | |
| Category: | WEB UI | |||
| Target version: | - |
Description
I want to create a stand alone javascript app that runs on another server(or device, or port..). Need cross domain requests for ajax.
Pretty small change but not sure about the security implications.
It's covered here; http://enable-cors.org/
Diff to make it all work;
--- a/src/http.c
+++ b/src/http.c
@@ -166,6 +166,9 @@ http_send_header(http_connection_t *hc, int rc, const char *content,
rc, http_rc2str(rc));
htsbuf_qprintf(&hdrs, "Server: HTS/tvheadend\r\n");
+ htsbuf_qprintf(&hdrs, "Access-Control-Allow-Origin: *\r\n");
+ htsbuf_qprintf(&hdrs, "Access-Control-Allow-Methods: POST, GET\r\n");
+ htsbuf_qprintf(&hdrs, "Access-Control-Allow-Headers: x-requested-with\r\n");
if(maxage == 0) {
htsbuf_qprintf(&hdrs, "Cache-Control: no-cache\r\n");
History
#1
Updated by Adam Sutton 10 months ago
- Status changed from New to Rejected
I don't understand the need for this, maybe I'm being dense. Also there have been no updates in 6 months.
If you still want to do this, please can you drop me a line or pop along to #hts to discuss further.