From 39dd0ea33ed0c6ec9bb5f7d6c8a6c1d86f52e237 Mon Sep 17 00:00:00 2001 From: Dilwoar Hussain Date: Thu, 24 Oct 2024 16:39:54 +0100 Subject: [PATCH] Add CORS flag to allow datasette calls from the browser ``` --cors Enable CORS by serving Access-Control-Allow-Origin: * ``` It is worth noting, there isn't a way to restrict this to only certain domains, this would be done on the server level ie. Nginx configs. Ideally we would only allow `*.planning.data.gov.uk` domains. Ref: https://docs.datasette.io/en/0.64/cli-reference.html#datasette-serve --- startup.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/startup.sh b/startup.sh index afcae1a..9887014 100755 --- a/startup.sh +++ b/startup.sh @@ -3,7 +3,7 @@ DATASETTE_PID=0 start_datasette() { - DATASETTE_SERVE_ARGS="-h 0.0.0.0 -p $PORT --setting sql_time_limit_ms 10000 --nolock --immutable=/mnt/datasets/digital-land.sqlite3 --immutable=/mnt/datasets/performance.sqlite3 " + DATASETTE_SERVE_ARGS="-h 0.0.0.0 -p $PORT --setting sql_time_limit_ms 10000 --nolock --cors --immutable=/mnt/datasets/digital-land.sqlite3 --immutable=/mnt/datasets/performance.sqlite3 " for KEY in $(jq -rc 'keys[]' /mnt/datasets/inspect-data-all.json); do DATASETTE_SERVE_ARGS+="--immutable=/mnt/datasets/$KEY.sqlite3 ";