this post was submitted on 17 Jun 2023
0 points (NaN% liked)

Beehaw Support

2794 readers
1 users here now

Support and meta community for Beehaw. Ask your questions about the community, technical issues, and other such things here.

A brief FAQ for lurkers and new users can be found here.

Our September 2024 financial update is here.

For a refresher on our philosophy, see also What is Beehaw?, The spirit of the rules, and Beehaw is a Community

This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

if you can see this, it's up  

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
0
Missing CORS prevents third-party web clients (beehaw.org)
submitted 1 year ago by [email protected] to c/[email protected]
5 comments fedilink hide all child comments
 

Hey Beehaw mods!

I'm currently working on a Lemmy web client, but the lack of proper CORS headers is preventing anything from working :(

I just wanted to ask if the appropriate CORS headers could be added to the front-facing proxy layer. If you're using Caddy, I believe something like this should do the trick:

reverse_proxy ... {
  header_down Access-Control-Allow-Origin *
  header_down Access-Control-Allow-Methods *
  header_down Access-Control-Allow-Headers *
}

Relevant issue: https://github.com/LemmyNet/lemmy/issues/3109

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 0 points 1 year ago (1 children)

Websocket handshakes are done over HTTP. The endpoint for Beehaw's WS API would be wss://beehaw.org/, so it's still going to use the same CORS policies as accessing the / (root) path.

[–] [email protected] 1 points 1 year ago* (last edited 9 months ago) (1 children)

[This comment has been deleted by an automated system]

[–] [email protected] 0 points 1 year ago (1 children)

Huh, interesting. It seems that a WS connection to wss://beehaw.org/api/v3/ws works, but not wss://beehaw.org. I remember reading somewhere that the WS API will eventually be removed, though.

I'll continue development w/ the REST API until I feel like it's in a mostly-working state, and then I'll probably subject myself to the WS API after. Working with the REST API does feel a lot easier.

[–] [email protected] 1 points 1 year ago* (last edited 9 months ago)

[This comment has been deleted by an automated system]