Could CORS headers be sent from the XKCD JSON API?

Need the mods or admins to do something for you? Post here. Read the "About" post first.

Moderators: Moderators General, Prelates, Magistrates

Posts: 0
Joined: Wed Jan 13, 2016 4:13 am UTC

Could CORS headers be sent from the XKCD JSON API?

Postby Ajedi32 » Wed Jan 13, 2016 4:51 am UTC

Hey, I'm currently working on adding support to the Reddit Enhancement Suite browser extension for expanding links to XKCD posts to full hotlinked images, and I noticed that the XKCD JSON API doesn't currently send CORS headers in its responses to Hypertext Transfer Protocol (apparently your spam filter won't let me use the acronym for that term, grrr) API requests.

Is there any chance that could be changed? It's certainly possible for me to add this feature to RES without you sending those headers, but it's a real pain in the neck and requires extra browser permissions. Plus, I'm pretty sure sending those headers would help people other than just me.

Specifically, I'd like you to send the header:

Code: Select all

Access-Control-Allow-Origin: *

In response to Hypertext Transfer Protocol requests to URLs matching the pattern:

Code: Select all


That would allow any site on internet to send a Hypertext Transfer Protocol request from client-side JavaScript to URLs matching that pattern, and to read back the response. Presumably that API is meant to be public anyway, right?

Any chance of this happening in the near future? It'd really save me a big headache while implementing this in RES, and would result in a better implementation overall.

(This post used to have a bunch of helpful links in it explaining what RES, CORS, and such are, but I guess I'm not allowed to post those. Oh well.)

Return to “Site/Forum issues”

Who is online

Users browsing this forum: No registered users and 2 guests