[Icecast] Possible CORS issue

Marvin Scholz epirat07 at gmail.com
Thu Feb 13 22:51:09 UTC 2020

On 13 Feb 2020, at 23:44, Chip wrote:

> Hi
> I'm clutching at straws here.
> I have a user who requires access to a status-json.xsl to publish now
> playing data for an Alexa skill and this can be accessed via a browser at:
>    - http://example.com:8000/status-json.xsl
> He says that now his PHP script cannot access the file.
> I know that Alexa requires *streams* to be served over https but this has
> previously worked and his skill is curerently failing at accessing the
> status-json.xsl file.
> This is successful:
> curl http://example.com:8000/status-json.xsl
> But this:
> curl -I http://example.com:8000/status-json.xsl
> gives a Bad Request:
> HTTP/1.0 400 Bad Request
> I'm wondering if this might be a CORS issue:
>    - https://enable-cors.org/server.html


If they are using a PHP script I fail to see how CORS would involved here
as that would be only relevant with JavaScript.

The reason curl -I fails is because it does a HEAD request which is not

> If that is so, what would be the appropriate solution from the above to
> remedy the problem?

You can add additional headers in the Icecast config:

        <header name="Access-Control-Allow-Origin" value="*" />

See the documentation for more info:


In Icecast 2.5 more advanced CORS handling will be possible.

> With many thanks in advance
> Chip Scooter
> _______________________________________________
> Icecast mailing list
> Icecast at xiph.org
> http://lists.xiph.org/mailman/listinfo/icecast

More information about the Icecast mailing list