Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Better documentation for expected CORS server configuration #1018

Closed
hochhaus opened this issue Sep 9, 2017 · 4 comments
Closed

Better documentation for expected CORS server configuration #1018

hochhaus opened this issue Sep 9, 2017 · 4 comments
Assignees
Labels
status: archived Archived and locked; will not be updated type: docs Improvements or fixes to documentation
Milestone

Comments

@hochhaus
Copy link
Contributor

hochhaus commented Sep 9, 2017

When using shaka with CORS, the expected server configuration is not immediately obvious. Could a suggested configuration be added to the README?

For example:

Access-Control-Allow-Origin: https://example.com   # or * for all sites
Access-Control-Allow-Headers: Range                # is IMS or any other header necessary?
Access-Control-Max-Age: 600                        # cache preflight requests for 10 mins
Access-Control-Allow-Credentials: true             # iff using credentials

I'm not confident of the best configuration or I would send a pull request.

@TheModMaker
Copy link
Contributor

I am hesitant to add this to the documentation since this is a common server-side configuration. CORS requirements are imposed by the browser, not by Shaka, so most servers will have to deal with this whether they use Shaka or not. Also, different server software will require different configurations to allow CORS.

There is already an entry in the FAQ when dealing with HTTP_ERROR. We may also want to mention CORS setup in the tutorials. But since this doesn't apply to Shaka specifically, it doesn't belong in the README.

@TheModMaker TheModMaker added the type: docs Improvements or fixes to documentation label Sep 11, 2017
@TheModMaker TheModMaker added this to the v2.3.0 milestone Sep 11, 2017
@hochhaus
Copy link
Contributor Author

Thanks @TheModMaker. I appreciate the point. That said, at least the Access-Control-Allow-Headers: Range does depend specifically on the headers sent by shaka. I'm fine with leaving out the documentation for the other headers (as you say, they are not dependent on shaka). However, without diving into the shaka source, how can one be sure of which non-simple headers shaka adds to the requests?

To me, anything that requires reading the source for correct server configuration should be documented. What do you think?

@TheModMaker
Copy link
Contributor

I'll be sure to mention the Range header in the FAQ and in a new section in the tutorials.

@TheModMaker TheModMaker self-assigned this Sep 11, 2017
joeyparrish pushed a commit that referenced this issue Sep 26, 2017
Closes #1018

Change-Id: I0ec915fe37b3cc62aff0184f2306297b388db701
@joeyparrish
Copy link
Member

The new docs have been cherry-picked to v2.2.x and will be released in v2.2.2.

@shaka-project shaka-project locked and limited conversation to collaborators Mar 22, 2018
@shaka-bot shaka-bot added the status: archived Archived and locked; will not be updated label Apr 15, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
status: archived Archived and locked; will not be updated type: docs Improvements or fixes to documentation
Projects
None yet
Development

No branches or pull requests

4 participants