Skip to content

Allow headers#159

Open
giovanniborella wants to merge 2 commits intomapcentia:masterfrom
giovanniborella:allow-headers
Open

Allow headers#159
giovanniborella wants to merge 2 commits intomapcentia:masterfrom
giovanniborella:allow-headers

Conversation

@giovanniborella
Copy link
Copy Markdown
Contributor

@giovanniborella giovanniborella commented Jul 9, 2025

This pull request addresses a CORS-related issue by adding support for the GC2-API-KEY header. This change ensures compatibility with stricter CORS policies in client applications, such as browsers.

CORS Compatibility Fixes:

  • CHANGELOG.md: Documented the addition of GC2-API-KEY to Access-Control-Allow-Headers to resolve errors encountered by CORS-strict clients.
  • public/index.php: Updated the Access-Control-Allow-Headers configuration to include GC2-API-KEY, allowing CORS-strict clients to function correctly.

@giovanniborella
Copy link
Copy Markdown
Contributor Author

giovanniborella commented Aug 14, 2025

We get the CORS error when we use the FeatureAPI from a popup-template like so:

<div class="vidi-popup-content">
    <h3 class="popup-title">{{_vidi_content.title}}</h3>
    {{#_vidi_content.fields}}
        {{#if value}}
            <h4>{{title}}</h4>
            <p {{#if type}}class="{{type}}"{{/if}}>{{{value}}}</p>
        {{/if}}
    {{/_vidi_content.fields}}    
	<a id="tomning" style="display: none;color: white;" class="btn btn btn-success mb-2 mt-2 w-100" target="tomning" onclick="update()">Tømning gennemført</a>

	<iframe name="tomning" style="display: none;">
	</iframe>
	<script>
		function update() {
			alert({{{gid}}});
			(async () => {
				// PUT request using fetch with async/await
				const element = document.querySelector('#put-request-async-await .date-updated');
				const feature = {
					  "type": "FeatureCollection",
					  "features": [
						{
						  "type": "Feature",
						  "properties": {
							"gid": {{{gid}}},
							"tomme_dato": "2026-10-21T13:28:06.419Z",
						  }
						}
					  ]
					}
				const requestOptions = {
					method: 'PUT',
					headers: {
								'Content-Type': 'application/json',
								'GC2-API-KEY': 'xxxxxxx'
					},
					body: JSON.stringify(feature)

				};
				const response = await fetch('https://xxx/api/v2/feature/xx@xx/public.xx.the_geom/4326', requestOptions);
				const data = await response.json();
				element.innerHTML = data.updatedAt;
			})();				
		}
	</script>
</div>

i suspect the SQL api will error out aswell

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@giovanniborella