Hi,
to POST events from a non hosted page outside from EventStore web. I spend the es.api.js a new setting
var baseUrl = settings.baseUrl || “”
Before the ajax sends the POST comes an OPTIONS for CORS. This request fails with
HTTP/1.1 405 Requested method is not allowed for requested url
Access-Control-Allow-Methods: DELETE, GET, POST
Need to provide OPTIONS and also CORS Header for using EventStore outside from own hosted websites.
Cheers, Mike
Just a quick potential thought on this - did you specify the IP that the Event Store was running on? By default it only binds to loopback.
I had similar problems when consuming events from javascript on another machine, so I took a look at the HTTP code this afternoon.
I stuck in a handler for OPTIONS requests, which seems to work ok… and it was easy enough to change it to always send Access-Control-Allow-Origin: *
Not on the right computer now, but I can post the code here tomorrow, and will make a pull request.
Only thing i’m not sure about is the access-control … I guess a configurable list of domains would be a better solution than hardcoding to * ?
Sorry, misunderstood the request on this one!
Hi Rich,
thx for pull request. Thats exactly what is needed. And yes, a configurable list would be a better solution…
Cheers, Mike
@Rich Knight,
I’ve merged your pull request. We’ll add configurable Access-Control-Allow-Origin soon
Четвер, 18 жовтня 2012 р. 09:02:44 UTC+3 користувач Mike Bild написав: