[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Inf-IT DAVcl] does infcloud support header "Access-Control-Allow-Origin <a-domain>"?


and it's not about InfCloud support for this header. CORS headers are handled completely by a browser NOT the client (see the CORS specification).



> On 28 Feb 2018, at 09:07, Julien Métairie <ruliane@xxxxxxxxxxx> wrote:
> Hi Ploc,
> As far as I know, you need to fill Access-Control-Allow-Origin with a full URL, including the protocol.
> For example:
> Access-Control-Allow-Origin "https://cal.example.com";
> Regards,
> Julien
> Le 28/02/2018 à 00:04, Ploc a écrit :
>> Hi everyone,
>> Does infcloud support header "Access-Control-Allow-Origin <a-domain>"?
>> I tried to configure my caldav server with "Access-Control-Allow-Origin"
>> header set to <a-domain>", but infcloud seems to be unable to connect
>> the caldav server, reporting the following error in the browser's console:
>>> "Error: [netCheckAndCreateConfiguration: 'PROPFIND
>> https://<a-domain>/dav/'] code: '0' status: 'error' - see
>> https://www.inf-it.com/infcloud/readme.txt (cross-domain setup)"
>> webdav_protocol.js:120:4
>> When I set this "Access-Control-Allow-Origin" header to "*", it works.
>> I find it more secure to be able to set this header.
>> Can you tell me how is infcloud supposed to work with this header?
>> Thank!

Attachment: smime.p7s
Description: S/MIME cryptographic signature