[Icecast] Possible CORS issue

Marvin Scholz epirat07 at gmail.com
Thu Feb 13 22:51:09 UTC 2020


On 13 Feb 2020, at 23:44, Chip wrote:

> Hi
>
> I'm clutching at straws here.
>
> I have a user who requires access to a status-json.xsl to publish now
> playing data for an Alexa skill and this can be accessed via a browser at:
>
>    - http://example.com:8000/status-json.xsl
>
> He says that now his PHP script cannot access the file.
>
> I know that Alexa requires *streams* to be served over https but this has
> previously worked and his skill is curerently failing at accessing the
> status-json.xsl file.
>
> This is successful:
>
> curl http://example.com:8000/status-json.xsl
>
> But this:
>
> curl -I http://example.com:8000/status-json.xsl
>
> gives a Bad Request:
>
> HTTP/1.0 400 Bad Request
>
> I'm wondering if this might be a CORS issue:
>
>    - https://enable-cors.org/server.html
>

Hi,

If they are using a PHP script I fail to see how CORS would involved here
as that would be only relevant with JavaScript.

The reason curl -I fails is because it does a HEAD request which is not
supported.

> If that is so, what would be the appropriate solution from the above to
> remedy the problem?
>

You can add additional headers in the Icecast config:

    <http-headers>
        <header name="Access-Control-Allow-Origin" value="*" />
    </http-headers>

See the documentation for more info:

http://icecast.org/docs/icecast-2.4.1/config-file.html#global-headers

In Icecast 2.5 more advanced CORS handling will be possible.

> With many thanks in advance
>
> Chip Scooter
> _______________________________________________
> Icecast mailing list
> Icecast at xiph.org
> http://lists.xiph.org/mailman/listinfo/icecast



More information about the Icecast mailing list