Not sure where to post this: the Piefed API doesn’t support CORS, at least testing against piefed.social, so requests from webapps like photon, alexandrite, voyager via PWA would not work.

Also, is there a way to pass a fedilink to resolve, like Lemmy resolveObject?

And lastly, how is Piefed planning on handling updates to the API for lemmy v1? Things like varying object type arrays being combined, and new/updated sorts.

Thanks!

  • aeharding@vger.socialOP
    3·
    19 days ago

    I checked piefed.social and I’m still getting CORS errors. Does the change still have yet to be deployed there?

    • Rimu@piefed.socialMEnglish
      3·
      19 days ago

      It’s working for me. Try this:

      <!-- Save this as test-cors.html and open in a browser -->
<!DOCTYPE html>
<html>
  <body>
    <script>
      fetch("https://piefed.social/api/alpha/comment?id=6527216", {
        method: "GET", // or "POST", etc.
        headers: {
          "Content-Type": "application/json"
        }
      })
      .then(response => response.text())
      .then(data => console.log("Success:", data))
      .catch(error => console.error("CORS Error:", error));
    </script>
  </body>
</html>
      • aeharding@vger.socialOP
        3·
        18 days ago

        Ah, that works, but this doesn’t:

        <!-- Save this as test-cors.html and open in a browser -->
<!DOCTYPE html>
<html>
  <body>
    <script>
      fetch("https://piefed.social/comment/6527914", {
        method: "GET", // or "POST", etc.
        headers: {
          "Content-Type": "application/json",
          Accept: "application/activity+json",
        },
      })
        .then((response) => response.text())
        .then((data) => console.log("Success:", data))
        .catch((error) => console.error("CORS Error:", error));
    </script>
  </body>
</html>

        nor this:

        <!-- Save this as test-cors.html and open in a browser -->
<!DOCTYPE html>
<html>
  <body>
    <script>
      fetch("https://piefed.social/.well-known/nodeinfo", {
        method: "GET", // or "POST", etc.
        headers: {
          "Content-Type": "application/json"
        },
      })
        .then((response) => response.text())
        .then((data) => console.log("Success:", data))
        .catch((error) => console.error("CORS Error:", error));
    </script>
  </body>
</html>
        • Rimu@piefed.socialMEnglish
          3·
          18 days ago

          Ok technically those are not part of the API ;-)

          I’ve put CORS headers on everything now, go for it.