This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2017-05-30
Channels
- # arachne (2)
- # beginners (8)
- # boot (19)
- # chestnut (2)
- # cider (1)
- # clara (1)
- # cljs-dev (31)
- # cljsrn (82)
- # clojure (163)
- # clojure-dusseldorf (7)
- # clojure-greece (1)
- # clojure-italy (4)
- # clojure-norway (3)
- # clojure-russia (24)
- # clojure-sg (5)
- # clojure-spec (6)
- # clojure-uk (42)
- # clojurescript (239)
- # core-async (4)
- # cursive (10)
- # data-science (18)
- # datascript (1)
- # datomic (110)
- # emacs (16)
- # euroclojure (1)
- # events (1)
- # figwheel (1)
- # hoplon (22)
- # keechma (2)
- # klipse (5)
- # lein-figwheel (3)
- # leiningen (7)
- # luminus (27)
- # melbourne (2)
- # mount (5)
- # nyc (7)
- # off-topic (35)
- # om (20)
- # onyx (49)
- # pedestal (41)
- # re-frame (31)
- # reagent (18)
- # remote-jobs (9)
- # ring (4)
- # ring-swagger (1)
- # spacemacs (6)
- # specter (6)
- # uncomplicate (3)
- # unrepl (9)
- # untangled (54)
- # yada (11)
Hello, guys! Posted this in #figwheel channel, but seems it makes more sense to place it here. I have a problem with figwheel dev server CORS. It should be a ubiquitous problem, but I can't find a ready solution. I'm developing front-end with reagent/re-frame and I have java spring back-end developed by another person. So when I'm trying to send any requests to the server-side, I got 401 on OPTIONS request. A possible way to solve CORS problem is to set 'Access-Control-Allow-Origin: *' header, but it's insecure. So I want to deal with dev server itself. As I understand, I need something like a proxy, that will modify 'Origin' header of all requests made from UI to server-side, setting acceptable header value. Does it make sense? Anyway, could you please share practices you use and forward me to the right direction? Thank you! PS: maybe it just makes sense to enable CORS on the server-side in dev mode and disable in production...
> A possible way to solve CORS problem is to set 'Access-Control-Allow-Origin: *' header, but it's insecure. This is fine in dev
You could use a proxy, but there are headers designed to solve this exact problem