Local development (via file://) blocked by CORS
Closed this issue · 3 comments
@saracarl, @LauraMorreale and I are trying to get EVT up and running for a TEI export from FromThePage and have run into a usability issue for newbies, in that CORS policy blocks people from running EVT locally.
Reproduction steps:
- Download
evt2-beta.zip
from Sourceforge - Unzip the file into a directory on the local filesystem
- Navigate your web browser to
file:///path-to-evt/index.html
The web browser returns a MESSAGES.COMMUNICATION_ERROR
error complining that the configuration file could not be loaded.
The Javascript console reports this error:
Access to XMLHttpRequest at 'file:///home/benwbrum/dev/clients/morreale/evt2-beta1/config/config.json' from origin 'null' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-extension, https.
lib.9bec7ecd.js:5
GET file:///home/benwbrum/dev/clients/morreale/evt2-beta1/config/config.json net::ERR_FAILED
This seems like a natural path for users exploring EVT without running a local webserver. Is there any way around this, or must we fire up a webserver to point to our EVT and serve content via http?
You can try to use https://chrome.google.com/webstore/detail/web-server-for-chrome: just choose the folder containing the index.html and navigate to the web server URL indicated.
We have been relying on Firefox for a long time to do local testing of EVT-based editions, then it adopted the same security policy of Chrome. See this blog post for a couple more workarounds:
https://visualizationtechnology.wordpress.com/2019/12/20/evt-1-version-1-3-released/
The most simple one is to launch Chrome from the command line with the –allow-file-access-from-files
parameter.
Thank you all for the help. We were able to get EVT running thanks to the chrome extension.