<div dir="ltr">Brilliant, thanks! Slightly confusingly, the CORS headers don't show up in a quick command-line test using curl, looks like they're only added if an Origin header is present in the request.<div><br>
</div><div style> Thomas.</div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Wed, May 15, 2013 at 10:20 AM, Andy Yates <span dir="ltr"><<a href="mailto:ayates@ebi.ac.uk" target="_blank">ayates@ebi.ac.uk</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi Thomas,<br>
<br>
It's already been enabled on the server. You can see confirmation of this here:<br>
<br>
<a href="http://client.cors-api.appspot.com/client#?client_method=GET&client_credentials=false&server_url=http%3A%2F%2Fbeta.rest.ensembl.org%2Finfo%2Fping.json&server_enable=true&server_status=200&server_credentials=false&server_tabs=remote" target="_blank">http://client.cors-api.appspot.com/client#?client_method=GET&client_credentials=false&server_url=http%3A%2F%2Fbeta.rest.ensembl.org%2Finfo%2Fping.json&server_enable=true&server_status=200&server_credentials=false&server_tabs=remote</a><br>
<br>
Andy<br>
<br>
Andrew Yates Ensembl Core Software Project Leader<br>
EMBL-EBI Tel: <a href="tel:%2B44-%280%291223-492538" value="+441223492538">+44-(0)1223-492538</a><br>
Wellcome Trust Genome Campus Fax: <a href="tel:%2B44-%280%291223-494468" value="+441223494468">+44-(0)1223-494468</a><br>
Cambridge CB10 1SD, UK <a href="http://www.ensembl.org/" target="_blank">http://www.ensembl.org/</a><br>
<div><div class="h5"><br>
On 15 May 2013, at 10:18, Thomas Down <<a href="mailto:thomas.a.down@gmail.com">thomas.a.down@gmail.com</a>> wrote:<br>
<br>
> Would it be possible to add CORS support to to this API? This would allow the API to be used from browser-based clients without having to jump through the JSONP hoops. The full spec is here:<br>
><br>
> <a href="http://www.w3.org/TR/cors/" target="_blank">http://www.w3.org/TR/cors/</a><br>
><br>
> But for a publicly-accessible API, all that's really needed is to add the header:<br>
><br>
> Access-Control-Allow-Origin: *<br>
><br>
> to all responses.<br>
><br>
> Best wishes,<br>
><br>
> Thomas.<br>
</div></div>> _______________________________________________<br>
> Dev mailing list <a href="mailto:Dev@ensembl.org">Dev@ensembl.org</a><br>
> Posting guidelines and subscribe/unsubscribe info: <a href="http://lists.ensembl.org/mailman/listinfo/dev" target="_blank">http://lists.ensembl.org/mailman/listinfo/dev</a><br>
> Ensembl Blog: <a href="http://www.ensembl.info/" target="_blank">http://www.ensembl.info/</a><br>
<br>
<br>
_______________________________________________<br>
Dev mailing list <a href="mailto:Dev@ensembl.org">Dev@ensembl.org</a><br>
Posting guidelines and subscribe/unsubscribe info: <a href="http://lists.ensembl.org/mailman/listinfo/dev" target="_blank">http://lists.ensembl.org/mailman/listinfo/dev</a><br>
Ensembl Blog: <a href="http://www.ensembl.info/" target="_blank">http://www.ensembl.info/</a><br>
</blockquote></div><br></div>