Hi Chet, that look like a simple solution for us! Greetings, Andreas > Hi Andreas, > > Jesse, our IT contact, recommends that we just enable CORS for all of > docs.oasis-open.org. That should eliminate the need for you to explicitly > set them for your schemas. I'll let you know as soon as we have a final > disposition. > > /chet > > On Mon, Aug 5, 2019 at 2:51 PM Andreas Kuehne <
kuehne@trustable.de> wrote: > >> Hi Chet, >> >> yes, I guess we need a CORS Header at least for the >> oasis-dss-core-openapi.json and oasis-dss-metadata-openapi.json. But it >> could be absolutely possible that other files (XML schemes) could be >> accessed by a browser based application. Does OASIS has a policy for >> handling Cross-Site-Requests? We don't want to introduce an security >> holes or inconveniences for the administrators. >> >> Greetings, >> >> Andreas >>> Andreas, I don't fully understand your question. >>> >>> If it is whether or not you all can add a CORS header to some of your >>> files, then yes, certainly, you can do so. >>> >>> If it whether or not I can add a CORS header, then my question is 'what >> do >>> you need me to do and where do you need it done?' >>> >>> >>> >>> On Sun, Aug 4, 2019 at 9:22 AM Andreas Kuehne <
kuehne@trustable.de> >> wrote: >>>> Hi Chet, >>>> >>>> >>>> yet another question: >>>> >>>> What's the OASIS policy on CORS header? I just came across this topic >>>> when trying to open OAS-Spec od the DSS-X core 2.0 . The request to open >>>> >>>> >>>> >>
https://docs.oasis-open.org/dss-x/dss-core/v2.0/cs01/schema/oasis-dss-core-openapi.json >>>> on >>>> >>>>
https://editor.swagger.io >>>> >>>> fails without any hint. There should be some information for the user., >>>> but that's not our responsibility. After opening the browser I learned >>>> that the cause is a missing CORS header enabling the browser to access >>>> the DSS-X core spec in a cross-domain manner. >>>> >>>> Would it be possible to add the corresponding header? >>>> >>>> >>>> Greetings, >>>> >>>> >>>> Andreas >>>> >>>> >>>> -- >>>> Andreas KÃhne >>>> >>>> Chair of OASIS DSS-X >>>> >>>> phone: +49 177 293 24 97 >>>> mailto:
kuehne@trustable.de >>>> >>>> Trustable Ltd. Niederlassung Deutschland Gartenheimstr. 39C - 30659 >>>> Hannover Amtsgericht Hannover HRB 212612 >>>> >>>> Director Andreas KÃhne >>>> >>>> Company UK Company No: 5218868 Registered in England and Wales >>>> >>>> >>>> >> -- >> Andreas KÃhne >> >> Chair of OASIS DSS-X >> >> phone: +49 177 293 24 97 >> mailto:
kuehne@trustable.de >> >> Trustable Ltd. Niederlassung Deutschland Gartenheimstr. 39C - 30659 >> Hannover Amtsgericht Hannover HRB 212612 >> >> Director Andreas KÃhne >> >> Company UK Company No: 5218868 Registered in England and Wales >> >> >> -- Andreas KÃhne Chair of OASIS DSS-X phone: +49 177 293 24 97 mailto:
kuehne@trustable.de Trustable Ltd. Niederlassung Deutschland Gartenheimstr. 39C - 30659 Hannover Amtsgericht Hannover HRB 212612 Director Andreas KÃhne Company UK Company No: 5218868 Registered in England and Wales Attachment: smime.p7s Description: S/MIME Cryptographic Signature