Device API Access-Control-Allow-Origin

Hi,

I am trying to make the Device api work with HTML and Javascript but cors is blocking me from doing api call with Javascript. When i open the dev tools I get the error that origin form ‘null’ has been blocked because the Access-Control-Allow-Origin header is not present on the requested resource.

So I setup a local webserver using nginx and set the Access-Control-Allow-Origin to * as instructed here: https://serverfault.com/a/716283. and it worked fine.

I also tested it with the InControl2 api and these have the Access-Control-Allow-Origin so it also worked fine.

So I was hoping i you could implement the Access-Control-Allow-Origin header on the device webserver so I can use the device api with Javascipt. I can work around it by disabling some security options in chrome but I rather not do that.

Kind regards,

Dylan van Elst