Hi,
I'm using POUND to dispatch web traffic to a VMs structure.
I need to add CORS authorization headers for a website on a VM using Apache.
I did it by adding this lines to a .htaccess file:
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "https://externalsite.com/";
Header set Access-Control-Allow-Methods "GET, POST, OPTIONS"
Header set Access-Control-Allow-Headers "*"
Header set Access-Control-Max-Age "*"
Header set Access-Control-Allow-Credentials true
Header set Access-Control-Allow-Headers "X-Requested-With"
Header always set Access-Control-Expose-Headers "*"
</IfModule>
After this modification, the website resturns the right headers:
Access-Control-Allow-Origin: https://externalsite.com/
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Max-Age: *
Access-Control-Allow-Credentials: true
But I still have an issue with the distant m3u8 file to read:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the
remote resource at https://externalsite.com/file.m3u8. (Reason: CORS header
‘Access-Control-Allow-Origin’ missing).
I don't know if Pound is involved by this issue.
--
Ben
--
pound mailing list
[email protected]
https://admin.hostpoint.ch/mailman/listinfo/pound_apsis.ch
