Hunchentoot enabling CORS

Question

I am having some issues in enabling CORS on hunchentoot:

  (hunchentoot:define-easy-handler (one-api :uri *one-endpoint*) () 
    (when (boundp '*acceptor*)
      (setf (hunchentoot:header-out "Access-Control-Allow-Origin") "*")
      (setf (hunchentoot:header-out "Accept") "*/*")
      (setf (hunchentoot:header-out "Access-Control-Allow-Headers") "Content-Type, Accept, Origin") 
      (setf (hunchentoot:header-out "Access-Control-Allow-Methods") "POST, GET, OPTIONS, PUT, DELETE") 
      (setf (hunchentoot:header-out "Access-Control-Allow-Origin") "*") 
      (setf (hunchentoot:content-type*) "text/html"))
    (let* ((raw-data (hunchentoot:raw-post-data :force-text t)))
      (funcall callback raw-data))))

But still not work, anything that I am doing wrong?

There's an answer on /r/learnlisp: https://www.reddit.com/r/learnlisp/comments/e8wcxr/trouble_enabling_cors_with_hunchentoot_stack/ — Ehvince, Dec 10 '19 at 21:49

score 3 · Answer 1 · answered Dec 12 '19 at 19:47

The following worked for me:

(setf (header-out "Access-Control-Allow-Origin") "*")
  (setf (header-out "Access-Control-Allow-Methods") "POST,GET,OPTIONS,DELETE,PUT")
  (setf (header-out "Access-Control-Max-Age") 1000)
  (setf (header-out "Access-Control-Allow-Headers") "x-requested-with, Content-Encoding, Content-Type, origin, authorization, accept, client-security-token")
  (setf (header-out "Content-Type") "text/json")

Hunchentoot enabling CORS

1 Answers1