Skip to content

REST API CORS headers #2344

Description

@wbobeirne

Background

If a web application wanted to use an LND node, requests would be blocked even if the REST API were exposed due to the lack of a Access-Control-Allow-Origin header. I don't know that there's much harm in setting it to * by default, since you'd need macaroons for the node to do pretty much anything anyway.

This is somewhat of a duplicate of #1405, however that issue went a little off-topic with a fork of LND.

Your environment

  • version of lnd - 0.5.1
  • which operating system (uname -a on *Nix) - Ubuntu Server 16.04
  • version of btcd, bitcoind, or other backend - bitcoind

Metadata

Metadata

Assignees

No one assigned

    Labels

    P3might get fixed, nice to haveenhancementImprovements to existing features / behaviourrecoveryRelated to the backup/restoration of LND data (e.g. wallet seeds)rpcRelated to the RPC interface

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions