Example website with CORS Jakub T. Jankiewicz (13 Dec 2020 18:20 UTC)
Re: Example website with CORS Lassi Kortela (29 Dec 2020 23:09 UTC)
Re: Example website with CORS Jakub T. Jankiewicz (29 Dec 2020 23:57 UTC)
Re: Example website with CORS Lassi Kortela (30 Dec 2020 00:03 UTC)
Re: Example website with CORS Jakub T. Jankiewicz (30 Dec 2020 01:51 UTC)

Re: Example website with CORS Jakub T. Jankiewicz 29 Dec 2020 23:57 UTC


On Wed, 30 Dec 2020 01:09:12 +0200
Lassi Kortela <xxxxxx@lassi.io> wrote:

> Jakub wrote:
> > I'm just writing example for my Scheme interpreter called LIPS and I would
> > like to use JavaScript fetch API to get title of a website, but to be
> > able to do that I need website that support CORS. It would be nice if
> > website is related to Scheme. I was thinking about one of scheme.org sub
> > domains or the main domain itself.
> >
> > Do you plan to support CORS in the near future. It would be nice if main
> > domain support CORS is I can use:
> >
> > (title "https://scheme.org")
> >
> > and see some nice title like "Scheme Programming Language".
> >
> > It will probably be awhile until the website will be running so I thought,
> > maybe just setup example.scheme.org that people will be able to use
> > instead of example.com in code examples (example.com don't support CORS
> > unfortunately).
> >
> > example.scheme.org can be just simple S-Expression with text/plain like
> >
> > ((language . "scheme"))
> >
> > HTML site similar to example.com or website that return JSON.
> >
> > For my use case I would prefer normal html website, because I will be
> > able to showcase Regular Expressions in LIPS Scheme (used to extract the
> > title).
> >
> > I can create example website, every simple with just title and explanation
> > that this is example website. I can create something based on example.com.
> >
> > But there is need to create sub domain and host it somewhere, There is
> > no need for extra server because it will be just single file.
> >
> > What you think?
>
> Sorry, this mail fell through. Does something need to be done at
> scheme.org's end (in server configuration, HTML, or otherwise) to make
> CORS work, or would you just tell the CORS headers on the Lips site to
> trust scheme.org?

scheme.org need to provide special HTTP headers to make it work. There
probably will be no login of any kind of this website, so it would be safe to
just add CORS to main website.

The only thing that need to be done is this HTTP header:

	Access-Control-Allow-Origin: *

it will make possible to send request to scheme.org from any website using
Ajax.

One note it may require to allow HTTP method OPTIONS that also return this
header. Some Ajax calls send two requests first OPTIONS method, if it have
CORS headers then second proper GET or POST request is sent. I'm not exactly
sure now when this may happen. Maybe it happen when you send POST request.

It would be nice also if api also return that header, so it can be used in
browser as well. There is probably no need for other domains to return that
header though.

--
Jakub T. Jankiewicz, Web Developer
https://jcubic.pl/me