6
submitted 1 year ago by diamond@beehaw.org to c/support@beehaw.org

Hey Beehaw mods!

I'm currently working on a Lemmy web client, but the lack of proper CORS headers is preventing anything from working :(

I just wanted to ask if the appropriate CORS headers could be added to the front-facing proxy layer. If you're using Caddy, I believe something like this should do the trick:

reverse_proxy ... {
  header_down Access-Control-Allow-Origin *
  header_down Access-Control-Allow-Methods *
  header_down Access-Control-Allow-Headers *
}

Relevant issue: https://github.com/LemmyNet/lemmy/issues/3109

you are viewing a single comment's thread
view the rest of the comments
[-] diamond@beehaw.org 3 points 1 year ago

Thank you for the reply, I really appreciate it! Currently, my app has been migrated to the WS API so development can continue for now until the WS is removed completely in a later release or Lemmy addresses the CORS issue upstream.

As for the security concerns, I believe that most of them are addressed in this comment that is in the particular issue that I linked above.

It's worth noting that CORS really only applies in the browser and that the WS API currently bypasses this protection (hence me being able to continue with the development).

[-] diamond@beehaw.org 2 points 1 year ago

P/S: the app currently lives at https://slemmy.libdb.so.

this post was submitted on 17 Jun 2023
6 points (100.0% liked)

Beehaw Support

2796 readers
1 users here now

Support and meta community for Beehaw. Ask your questions about the community, technical issues, and other such things here.

A brief FAQ for lurkers and new users can be found here.

Our September 2024 financial update is here.

For a refresher on our philosophy, see also What is Beehaw?, The spirit of the rules, and Beehaw is a Community


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.


if you can see this, it's up  

founded 2 years ago
MODERATORS