cordova-httpd
cordova-httpd copied to clipboard
floatinghotpot
Feature request: enable Access-Control-Allow-Origin
This plugin is potentially very useful for working with WKWebView on iOS. However it is missing one feature to help with this a lot: setting Access-Control-Allow-Origin.
In C2 we are using a model where the index.html file and images are loaded as local files, but audio and video are served over HTTP. This brings the best combination of a) a predictable origin for storage to work and b) serving files that are otherwise impossible to get to work in WKWebView. However the local index.html file and a video on 127.0.0.1:49876 count as coming from different origins, therefore some restrictions are put in place, e.g. the video cannot be uploaded as a WebGL texture.
If the preview server is able to serve the following header:
Access-Control-Allow-Origin: *
or, for better security, specifically identifying the preview server itself only:
Access-Control-Allow-Origin: http://127.0.0.1:49876
This should then lift the cross-origin restrictions and allow everything to work optimally in WKWebView.
We can probably work around this for the time being, but this would make it a lot easier to use!
Actually, now that I think about it, allowing the preview server's origin won't help because the index.html page is on a file:// origin :P I think it would have to specify the * origin for it to work with a local file. But if you specify localhost_only: true then the preview server is only accessible locally anyway, right?
We didn't. We have a hack in place to float a video element over the canvas. This works because you can play videos from across origins in a kind of read-only mode. However it limits features like using them in WebGL since that would allow the video contents to be read. So C2 features like applying WebGL effects to video don't work. We still need this change to fully enable all video features.