CORS Error when hostin tile proxy on subdomain #5
Comments
|
Thank you. I will take a look in the next days and have a think about it. @NlL5 feel free to chip in ;) |
|
Ah I see. I did not notice this, because I only integrated TileProxy into our application and our application sends Access-Control headers on its own. Since the TileProxy class already has the setReferrer() method, I think it would make sense to also set these as headers. Idk if you already planned this @jhit, but for extensibility and readability, I think it would be nice to create a protected method "sendHeaders()" or so that is called by the handle() method. |
|
I have not implemented anything yet. I just added the header() call to my index.php to solve my problems. I agree on encapsulating the headers in a private function. Would you also move osm-tile-proxy/src/TileProxy.php Lines 306 to 309 in 0c2e18f |
|
Good point. Though, I think these should stay, since we probably do not want them in the other if-else-branches, or the error codes get cached or something. |
Hi @NlL5
I use the updated tile proxy on a dedicated sub-domain.
I have set a referrer to limit access to the tile proxy.
currently the code will cause a cors error in this setup because the required header 'Access-Control-Allow-Origin: *' is never set in the code.
I would like to contribute this fix but want to start a discussion before submitting any changes.
My Idea currently is:
default the $referrer to '*'. Use the $referrer to always create the cors header in
osm-tile-proxy/src/TileProxy.php
Line 260 in 0c2e18f
Enable the code to use more than one $referrer.
If a referrer other than '*' is set then also limit the CORS header to the given URLs of the $referrer.
What do you think?
The text was updated successfully, but these errors were encountered: