-
Notifications
You must be signed in to change notification settings - Fork 3
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Set CORS header for suggestion path #1
Comments
I didn't spotted |
Thanks for your report! The HTTP header Yes, both endpoints yield to different formats and data. I’ll have a look to make this more consistent. This code has been stable for ~ 8 years now, and now I can’t even find a reliable source in the Internet documenting the OpenSearch JSON result format … |
This is how mediawiki is responding to opensearch requests in While following a link at the bottom of MDN | OpenSearch, I've been landing at a github repo also containing the OpenSearch 1.1 Draft 6. In the Draft is a section about response elements. There are examples for Atom and RSS and there is a statement telling that the response is not restricted to XML contexts. Honestly, after reading the wikipedia article about OpenSeach, it seems like 1.1 Draft 6 was published in 2005 once and never really maintained or refined.. So for JSON search suggestion response I would adapt how others implemented this (like mediawiki and some other sites) or use the example RSS and Atom responses as an orientation for a self defined JSON response format. Thanks for the CORS Header. I will adjust the PR, so that the endpoint will be used. |
Hi,
please consider setting the CORS Header (
Access-Control-Allow-Origin
) for the suggestion URL (https://www.dwds.de/wb/typeahead), since with no CORS Header and newer browsers, clients are considered "untrusted" by default and can't send a successful request to this URL. So this is also impossible from the background script of the add-on.I'm currently trying to include the suggestions in the add-on - that's the reason why I ask for this. The current suggestion consists of only the full path of the current query (exactly 1 suggestion)
To configure the
Access-Control-Allow-Origin
Header with Apache, add the following to the configuration of the site (see header module doc and core (location directive) doc):where
*
represent every origin - so every origin (also the add-on origin) can access this endpoint.The text was updated successfully, but these errors were encountered: