[CORS] Osmand response not using config of web.origin

Nahuel4 years ago

Hello! My needs are very simple, I just need to make a simple get request from a browser app to the OsmAnd protocol endpoint to update a device's location:

http://demo.traccar.org:5055/?id=123456&lat={0}&lon={1}×tamp={2}&hdop={3}&altitude={4}&speed={5}

But I keep getting a CORS error and it seems there's no way to configure that.

If it's not possible, is there any other protocol that would allow me to update a device's location from a javascript app in a browser?

Thanks!

Anton Tananaev4 years ago

We don't implement CORS for any of the protocols.

Nahuel4 years ago

Thank you for your reply.

If I do simple GET request to the OsmAnd URL, the browser throws this error:

Access to XMLHttpRequest at 'http://localhost:6055/?id=....' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

(I'm using the docker implementation and mapped 6055 to 5055)

The reponse header of the OsmAnd URL has no Access-Control-Allow-Origin header, which is needed for this to work.

Is there some way I can add this through a config file? or would I need to modify some code?

Anton Tananaev4 years ago

Source code.

Nahuel4 years ago

Hello again. I don't know if you're asking me for my source code or telling me to look at Traccar's. Anyway, here's what I'm doing in JavaScript:

import axios from "axios";
import qs from "query-string";

async function setPosition(data = {}) {
  const params = qs.stringify(data);
  const headers = {
    'Content-Type': 'text/plain'
  }
  try {
    return axios.get(
      `http://localhost:6055/?${params}`,
      {headers}
    )
  } catch (error) {
    console.log(error)
  };
}

function PositionProvider({ children }) {
    setPosition({
      id: 123456,
      lat: -34.603683,
      lon:-58.381557
    })
    .then(async response => {
      let text = await response;
      console.log(text);
    })
    .catch(error =>  {
      console.log(error.response)
    });

  return children
}

export default PositionProvider;

The request is made correctly (I see the position updated in Traccar) but here it ends with that CORS error and as a result, I can't see the server's response in case it sent a command.

Anton Tananaev4 years ago

I answered your question.