diff options
author | Jochen Topf <jochen@topf.org> | 2014-10-09 09:33:40 +0200 |
---|---|---|
committer | Jochen Topf <jochen@topf.org> | 2014-10-09 09:33:40 +0200 |
commit | 3b021818504986d66055a22e1e69150c61eff6a0 (patch) | |
tree | dd3b7227c4c5e2f8105aeb86f185141fbb4d9304 /taginfo-config-example.json | |
parent | a1f815958cf27fd2370ec4c369a3787585f0818c (diff) | |
download | taginfo-3b021818504986d66055a22e1e69150c61eff6a0.tar taginfo-3b021818504986d66055a22e1e69150c61eff6a0.tar.gz |
Add config setting for CORS header.
The response header Access-Control-Allow-Origin was always set to '*' for API
URLs. This is creating some problems with Apache (see
https://github.com/openstreetmap/iD/issues/2333), so it is now configurable.
The value of the new config setting "instance.access_control_allow_origin" is
used for that header now, or, if the variable is empty, the header is not set
at all.
Diffstat (limited to 'taginfo-config-example.json')
-rw-r--r-- | taginfo-config-example.json | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/taginfo-config-example.json b/taginfo-config-example.json index c2c0264..d72b224 100644 --- a/taginfo-config-example.json +++ b/taginfo-config-example.json @@ -16,7 +16,12 @@ // Contact name and email address. "contact": "Anonymous", // Geographical area this taginfo instance covers. - "area": "World" + "area": "World", + // Add CORS header Access-Control-Allow-Origin with the given value + // to all /api responses. Use "" to not set this header, disallowing + // external services to use your API from a browser. Set to "*" to + // allow anybody. + "access_control_allow_origin": "*" }, // For the geodistribution map. See the wiki documentation about these settings. "geodistribution": { |