-
Notifications
You must be signed in to change notification settings - Fork 344
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix CORS support in WHEP/WHIP API #798
Conversation
There you get |
it's example of non-standard header from Mozilla docs :) |
i saw that on the reference docs in mozilla, and added it too. I see now that it's not a standard, just an example :). |
@MPTres also you have added unnecessary empty line after new header |
Fixed |
Thanks |
nope |
that actually says that the safelisted content values are: |
Browsers don't allow WHIP/WHEP API calls to the go2rtc server when they are directed to a different domain, even when all origins are allowed in go2rtc configuration.
The problem it that when browsers detect a POST to another domain, they usually send first a Preflight Request. This is an OPTIONS request to verify with the server if that's allowed. The server needs to reply with a 'No content' status , and some headers with information about what's allowed. Right now, go2rtc just returns a "Method not allowed" response, which prevents the browser from sending the actual POST.
This change adds an OPTIONS handler and some allowed headers, so that the cors WHEP/WHIP requests can be accepted by the browser.