CORS headers: my app doesn't work after update

CORS headers: my app doesn't work after update

edited 07/21/2019 - 15:01 in SoundTouch API
LenkradLenkrad Posts: 2Member
Hi, after the last upgrade I downloaded for my SoundTouch 20 a few weeks ago something seems to have changed with CORS headers.
My very simple web control interface is not able to get volume any more, and when sending a key press I also get an error.

My device is at 192.168.232.120 and the web app at 192.168.232.126 ("nashorn").
The response contains the following header:
Access-Control-Allow-Origin: http://192.168.232.120
And so chrome blocks me from seeing the response. But when sending a POST the request is handled, I just am not allowed to see the result. Error message in chrome console:
Access to XMLHttpRequest at 'http://192.168.232.120:8090/presets' from origin 'http://nashorn' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'http://192.168.232.120' that is not equal to the supplied origin.

My question: did you change anything about the CORS headers in the last update, and would it be possible to revert that? I really don't see why it should not be possible to control the device from another network. And if there is a reason for that it shouldn't be possible to send POST as well.
It would be good to be at least able to allow cross origin requests in the SoundTouch settings.

Alternatively I have to write a backend service just for forwarding simple requests to another device in the same network, and I think that does not make much sense.

Thanks,
Lennart

Comments

  • kdw2060kdw2060 Posts: 8Member
    +1 facing the same issue, my local network app that i made doesn't work anymore either
Sign In or Register to comment.