Comments (12)
Fix pushed to master
from audioserve.
@KodeStar pls update here if it is working for you.
from audioserve.
I’ve not tried it yet, been busy trying to add features and fix bugs, will try to build from master later today or tomorrow
from audioserve.
Any chance you could put out a release with this change in it? It will be much easier for me to test.
from audioserve.
@KodeStar - released latest master as v0.15.6. Can you confirm that CORS preflight is now working?
from audioserve.
I think we have a success, it's not complaining about cors any longer, now I just have to work out why what I'm trying to send isn't working :)
from audioserve.
Would it be possible to send the audioserve_token as a custom header instead of a cookie? The issue is, because the server and the frontend aren't on the same address it wont let me set the cookie. So all my subsequent requests to endpoints fail.
edit Nvm, I looked through the auth.rs code and realised it could be sent via an Authorization bearer token!
from audioserve.
@KodeStar,
Yes you can use Bearer token as well as cookie. In browser you can you send cookie even to different host (if it was setup by that host). I'm using it in development of default client (as it is convenient and you don't have manage the header yourself). Just need to add this option to XHR withCredentials: true
- see https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/withCredentials
from audioserve.
I was originally using axios and passing withCredentials: true
but it didn't help, I have since got rid of axios and am just using fetch, I haven't tried it with that since I got it working by passing the bearer. However, when I tried it with axios I got this error in the browser https://imgur.com/Oa3C4go
This attempt to set a cookie via a Set-Cookie header was blocked because it had the "SameSite=Lax" attribute but came from a cross-site response which was not the response to a top-level navigation.
from audioserve.
@ Kodestar Hmm, this make sense - our cookie is now SameSite: Lax
so it depends how login is initiated in browser. Problem is mainly for development, cause normally then client files and API are served from same location in production.
As I said it works for me now in FF for current client - probably the way login is initiated suits definition of "top-level navigation".
Anyhow if bearer token working for you it's good solution, as this will in both development and production set up. If there are still issues with CORS let me know, otherwise I think we can close this issue.
from audioserve.
Agreed :)
from audioserve.
CORS Headers looks working OK. However still some change needs to be done on cookie - created new issue fo this #64
from audioserve.
Related Issues (20)
- Dependency Dashboard
- Where to donate HOT 2
- Track skips when transcoding is enabled HOT 6
- New web client requires HTTPS HOT 3
- Error upgrading to v0.26.2 from v.0.24.1
- Build fails without feature folder-download HOT 3
- Local Linux build fails HOT 3
- Change document.title to current track name. HOT 2
- Some m4b files fail to play HOT 1
- Cover icons for client browsing and MediaSession HOT 2
- 0.20.0: "Error deserializing data from db tag for enum is not valid, found xxx" HOT 3
- Feature request: Mark audio files as "listened"/"completed" HOT 6
- iOS and mac decode problems HOT 4
- Rust Version too Low for Build HOT 2
- Audioserve android don't support nginx auth HOT 3
- Natural Ordering of files HOT 5
- ffprobe process HOT 2
- Artificially Low Limit on File Name Length HOT 5
- [ Feature Request ] package this as a Start9 Service HOT 2
- [Feature Request] Allow "Device Group" to be configured from an HTTP Header HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from audioserve.