CORS about w3id.org HOT 6 CLOSED

What did you need to know about? Individual .htaccess files can add their own config. And this is in the main apache config:

Header always set Access-Control-Allow-Origin "*"

from w3id.org.

Thanks David. I was trying to do a cross domain HTTP Get / Accept request
of some IRIs in the browser, but it wasn't working for any that went
through w3id.org/xapi/ so I'm guessing it would need to be explicitly added
in our .htaccess file as well.

It it possible that it's not working since Access-Control-Allow-Origin "*"
is omitted from our .htaccess? Even if it were provided in the main apache
config? Thanks for your reply.

+1.850.266.7100(office)
+1.850.471.1300 (mobile)
jhaag75 (skype)
http://jasonhaag.com (Web)
http://twitter.com/mobilejson (Twitter)
http://linkedin.com/in/jasonhaag (LinkedIn)

On Tue, Jul 19, 2016 at 2:09 PM, David I. Lehn [email protected]
wrote:

What did you need to know about? Individual .htaccess files can add their
own config. And this is in the main apache config:

Header always set Access-Control-Allow-Origin "*"

—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
#476 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/AAiZRtBlKURWUbrESrqk17RHuazLu8UJks5qXSEFgaJpZM4JMyLa
.

from w3id.org.

Perhaps. I haven't had to debug such things myself. Various other .htaccess files set that as well as the associated Access-Control-Allow-Headers. Probably need to experiment and trace HTTP preflight calls and such to see what issues and fixes are.

from w3id.org.

I added the following to our .htaccess and it works now. Thanks!

Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Headers "Origin, X-Requested-With,
Accept, Accept-Language"
Header always set Access-Control-Allow-Methods "GET, OPTIONS"

+1.850.266.7100(office)
+1.850.471.1300 (mobile)
jhaag75 (skype)
http://jasonhaag.com (Web)
http://twitter.com/mobilejson (Twitter)
http://linkedin.com/in/jasonhaag (LinkedIn)

On Tue, Jul 19, 2016 at 4:41 PM, David I. Lehn [email protected]
wrote:

Perhaps. I haven't had to debug such things myself. Various other
.htaccess files set that as well as the associated
Access-Control-Allow-Headers. Probably need to experiment and trace HTTP
preflight calls and such to see what issues and fixes are.

—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
#476 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/AAiZRjJSZ9yZ_xkpZU5N1ItcIw3hN11tks5qXUSRgaJpZM4JMyLa
.

from w3id.org.

And here's an example of making a cross domain JavaScript request from a HTML page hosted on another domain in case anyone is ever trying to do something similar. In addition, you need to set the headers and methods. Most of the other htaccess files I found on the w3id.org server only set the origin. When I tested using only the allow origin directive on other servers that alone didn't work for me.

<!doctype html>
<html>
  <head>
    <script src="http://code.jquery.com/jquery-1.4.2.min.js"></script>
    <script type="text/javascript">
      $(document).ready(function() {
        $.ajax({
          url: 'https://w3id.org/xapi/cmi5',
          type: 'GET',
          dataType: 'json',
          beforeSend: setHeader       
        });
      });
      function setHeader(xhr) {
        xhr.addEventListener('load', function (ev) {console.log(ev);console.log(xhr.response);console.log(xhr.responseText);});
        xhr.setRequestHeader('Accept', 'application/json');
      }
    </script>
  </head>
  <body>
    <h1>Load this page with the browser developer console open and view the network / xhr requests.</h1>
  </body>
</html>

Also posted here: http://xapi.vocab.pub/cmi5-json-test.html

from w3id.org.

For anyone looking, here was the related patch:
#483

from w3id.org.