iconclass-API - Options-Requests vs CORS

Hi everyone! :wave:

For years, we have been using the Iconclass API in easydb5 and fylr to handle the relevant linking: GitHub - programmfabrik/fylr-plugin-custom-data-type-iconclass · GitHub

Our system requirement for fylr is the use of Chrome. However, a user now needs to use Firefox and discovered that—unlike Chrome—Firefox sends preflight requests (OPTIONS) when using the iconclass-API. The correct response is received, but the Access-Control-Allow-Origin: * header is missing from the OPTIONS request response, resulting in CORS errors.

It is already included in GET requests… Could you please add that header for OPTIONS requests as well?

Thanks and best regards, Tobias

Thanks for the report Tobias.

This should be a small quick-fix, we will deploy it to the production service as soon as possible, and also make sure it goes into the new version under development.