Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-47545

Enable cross origin requests in the Web Service REST server

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 2.8
    • Fix Version/s: 2.8
    • Component/s: Web Services
    • Labels:
    • Testing Instructions:
      Hide

      You need a token for the Mobile Service:

      1. Enable Web Services
      2. Enable REST Protocol
      3. Enable the Mobile Service
      4. Create Token:
        1. Click on Site administration ► Plugins ► Web services ► Manage tokens
        2. Click add, select user and service (Mobile Service)
      5. Download an open this html file in your browser: https://gist.github.com/jleyva/5c2de2a21c8674dd072d
      6. Change the URL and token values, launch the script (click in Test) you should see the response in plain JSON format with the Moodle site information.
      Show
      You need a token for the Mobile Service: Enable Web Services Enable REST Protocol Enable the Mobile Service Create Token: Click on Site administration ► Plugins ► Web services ► Manage tokens Click add, select user and service (Mobile Service) Download an open this html file in your browser: https://gist.github.com/jleyva/5c2de2a21c8674dd072d Change the URL and token values, launch the script (click in Test) you should see the response in plain JSON format with the Moodle site information.
    • Affected Branches:
      MOODLE_28_STABLE
    • Fixed Branches:
      MOODLE_28_STABLE
    • Pull from Repository:
    • Pull Master Branch:
      MDL-47545-master

      Description

      It would be interesting to enable cross origin requests in the REST server (add support to CORS)

      The benefits will be:

      Adding CORS support should be safe since the web service end points do not use the Moodle cookie/session, authentication is done using the token and if it detects that the Moodle cookie is used is throws an exception

      The change will be minimal:

      In the send_headers method: add this line:
      https://github.com/moodle/moodle/blob/master/webservice/rest/locallib.php#L173

      header('Access-Control-Allow-Origin: *');
      

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                5 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Fix Release Date:
                  10/Nov/14