Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Enable CORS by default #114
I have created a new project with:
stack new myproject yesod-scaffold/hsfiles/postgres.hsfiles cd myproject stack build stack exec -- yesod devel open http://localhost:3000/
The glyphicons are not displayed correctly because CORS is not properly setup. Then I have installed the
I think this should be in the default setup because the home page has glyphicons.
Are you open to a pull-request?
OK, the default configuration should be secure.
But the default configuration should also work, without errors, because any error gives the impression that something went wrong during setup.
Being a newcomer, I have lost a lot of time trying to figure out what I have done wrong, just to discover that it was a known "feature". :-)
Maybe we should add a warning message to
I don't see any errors, and wouldn't expect to need CORS at all in the scaffolded setup, since the assets are being served (in principle) from the same domain name. It's possible that you're accessing the site over one address (e.g., 127.0.0.1) while the generated URLs are something else (e.g., localhost). If you provide more information on what errors you're seeing, that would be useful.
You are right, the problem is in the URL I am using. The problem is with http://127.0.0.1:3000 (you may need to force reload of the page with Ctrl+Shif+R, because the fonts may be cached). With http://localhost:3000 it works fine.
Then the error is in the messages printed by yesod on start:
$ stack exec -- yesod devel Yesod devel server. Type 'quit' to quit Application can be accessed at: http://127.0.0.1:3000 https://127.0.0.1:3443 If you wish to test https capabilities, you should set the following variable: export APPROOT=https://127.0.0.1:3443
Later it says:
added a commit
Dec 4, 2015
I've just pushed a commit to the scaffolding (postgres branch) that switches the default behavior from a hard-coded application root to guessing the application root from the request. However, there seems to be a problem with this an the https server, which I'll need to check next week.
I've identified the issue with TLS, which is a bug in warp-tls: yesodweb/wai#478
Other than that, I believe switching the scaffolding over to