diff --git a/lib/http_parser.cpp b/lib/http_parser.cpp
index fe61d168..44777de5 100644
--- a/lib/http_parser.cpp
+++ b/lib/http_parser.cpp
@@ -32,6 +32,15 @@ void HTTP::Parser::CleanPreserveHeaders() {
vars.clear();
}
+/// Sets the neccesary headers to allow Cross Origin Resource Sharing with all domains.
+void HTTP::Parser::setCORSHeaders(){
+ SetHeader("Access-Control-Allow-Origin", "*");
+ SetHeader("Access-Control-Allow-Methods", "GET, POST");
+ SetHeader("Access-Control-Allow-Headers", "Content-Type, X-Requested-With");
+ SetHeader("Access-Control-Allow-Credentials", "true");
+}
+
+
/// Returns a string containing a valid HTTP 1.0 or 1.1 request, ready for sending.
/// The request is build from internal variables set before this call is made.
/// To be precise, method, url, protocol, headers and body are used.
diff --git a/lib/http_parser.h b/lib/http_parser.h
index f3f89e62..1e740547 100644
--- a/lib/http_parser.h
+++ b/lib/http_parser.h
@@ -21,6 +21,7 @@ namespace HTTP {
std::string getUrl();
void SetHeader(std::string i, std::string v);
void SetHeader(std::string i, long long v);
+ void setCORSHeaders();
void SetVar(std::string i, std::string v);
void SetBody(std::string s);
void SetBody(char * buffer, int len);
diff --git a/src/controller/controller_api.cpp b/src/controller/controller_api.cpp
index ab21cc1d..0bd6eaf6 100644
--- a/src/controller/controller_api.cpp
+++ b/src/controller/controller_api.cpp
@@ -381,10 +381,7 @@ int Controller::handleAPIConnection(Socket::Connection & conn){
}
H.Clean();
H.SetHeader("Content-Type", "text/javascript");
- H.SetHeader("Access-Control-Allow-Origin", "*");
- H.SetHeader("Access-Control-Allow-Methods", "GET, POST");
- H.SetHeader("Access-Control-Allow-Headers", "Content-Type, X-Requested-With");
- H.SetHeader("Access-Control-Allow-Credentials", "true");
+ H.setCORSHeaders();
if (jsonp == ""){
H.SetBody(Response.toString() + "\n\n");
}else{
diff --git a/src/output/output_hls.cpp b/src/output/output_hls.cpp
index 0b266368..7f2efe32 100644
--- a/src/output/output_hls.cpp
+++ b/src/output/output_hls.cpp
@@ -144,6 +144,7 @@ namespace Mist {
H.Clean();
H.SetHeader("Content-Type", "text/xml");
H.SetHeader("Server", "mistserver/" PACKAGE_VERSION "/" + Util::Config::libver);
+ H.setCORSHeaders();
H.SetBody("<?xml version=\"1.0\"?><!DOCTYPE cross-domain-policy SYSTEM \"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd\"><cross-domain-policy><allow-access-from domain=\"*\" /><site-control permitted-cross-domain-policies=\"all\"/></cross-domain-policy>");
H.SendResponse("200", "OK", myConn);
H.Clean(); //clean for any possible next requests
@@ -216,6 +217,7 @@ namespace Mist {
lastVid = from * 90;
H.SetHeader("Content-Type", "video/mp2t");
+ H.setCORSHeaders();
H.StartResponse(H, myConn, VLCworkaround);
unsigned int fragCounter = myMeta.tracks[vidTrack].missedFrags;
@@ -242,6 +244,7 @@ namespace Mist {
H.SetHeader("Content-Type", "audio/mpegurl");
}
H.SetHeader("Cache-Control", "no-cache");
+ H.setCORSHeaders();
std::string manifest;
if (request.find("/") == std::string::npos){
manifest = liveIndex();
diff --git a/src/output/output_http_internal.cpp b/src/output/output_http_internal.cpp
index f3932dd8..936dd016 100644
--- a/src/output/output_http_internal.cpp
+++ b/src/output/output_http_internal.cpp
@@ -148,6 +148,7 @@ namespace Mist {
H.Clean();
H.SetHeader("Content-Type", "text/xml");
H.SetHeader("Server", "mistserver/" PACKAGE_VERSION);
+ H.setCORSHeaders();
H.SetBody("<?xml version=\"1.0\"?><!DOCTYPE cross-domain-policy SYSTEM \"http://www.adobe.com/xml/dtds/cross-domain-policy.dtd\"><cross-domain-policy><allow-access-from domain=\"*\" /><site-control permitted-cross-domain-policies=\"all\"/></cross-domain-policy>");
H.SendResponse("200", "OK", myConn);
return;
@@ -157,6 +158,7 @@ namespace Mist {
H.Clean();
H.SetHeader("Content-Type", "text/xml");
H.SetHeader("Server", "mistserver/" PACKAGE_VERSION);
+ H.setCORSHeaders();
H.SetBody("<?xml version=\"1.0\" encoding=\"utf-8\"?><access-policy><cross-domain-access><policy><allow-from http-methods=\"*\" http-request-headers=\"*\"><domain uri=\"*\"/></allow-from><grant-to><resource path=\"/\" include-subpaths=\"true\"/></grant-to></policy></cross-domain-access></access-policy>");
H.SendResponse("200", "OK", myConn);
return;
@@ -174,11 +176,12 @@ namespace Mist {
return;
}
- // send logo icon
+ // send generic HTML page
if (H.url.length() > 6 && H.url.substr(H.url.length() - 5, 5) == ".html"){
H.Clean();
H.SetHeader("Content-Type", "text/html");
H.SetHeader("Server", "mistserver/" PACKAGE_VERSION);
+ H.setCORSHeaders();
H.SetBody("<!DOCTYPE html><html><head><title>Stream "+streamName+"</title><style>BODY{color:white;background:black;}</style></head><body><script src=\"embed_"+streamName+".js\"></script></body></html>");
H.SendResponse("200", "OK", myConn);
return;
@@ -230,6 +233,7 @@ namespace Mist {
H.Clean();
H.SetHeader("Content-Type", "application/smil");
H.SetHeader("Server", "mistserver/" PACKAGE_VERSION "/" + Util::Config::libver);
+ H.setCORSHeaders();
H.SetBody("<smil>\n <head>\n <meta base='rtmp://" + host + ":" + port + url_rel + "' />\n </head>\n <body>\n <switch>\n"+trackSources+" </switch>\n </body>\n</smil>");
H.SendResponse("200", "OK", myConn);
return;
@@ -244,6 +248,7 @@ namespace Mist {
}
H.Clean();
H.SetHeader("Server", "mistserver/" PACKAGE_VERSION);
+ H.setCORSHeaders();
if (rURL.substr(0, 6) != "/json_"){
H.SetHeader("Content-Type", "application/javascript");
}else{