View Single Post
Old 01-28-2019, 01:29 AM   #1
Azzar
Human being with feelings
 
Azzar's Avatar
 
Join Date: Aug 2011
Location: Copenhagen, Denmark
Posts: 37
Default Allow access to webserver API from other locations

I'm playing around with the newly released Stream Deck SDK, and am trying to make a Stream Deck plugin that allows sending and receiving actions and data via the web interface.

This works ok for sending actions from the Stream Deck, but for receiving data - in this case a GET/EXTSTATE/key/value request - I run into problems because of the servers cross-origin policy. I get this error:
"No 'Access-Control-Allow-Origin' header is present on the requested resource"

The problem is basically that the Stream Deck runs it's plugin on it's own webserver - that is also on localhost, but on a different port.

Opening up for all cross-origin access is probably a security no-no, but how about the common solution of requiring an API key to be sent with a request?

Alternatively it could be solved if you for a web control surface entry could specify specific ports (or port ranges) on localhost that would be allowed access.

It would be super nice to be able to have a Stream Deck act as a Reaper control surface, and specifically being able to change its layout based on Reapers cursor context, so a solution for this would be most welcome.
Azzar is offline   Reply With Quote