APIs responses don't have CORS in headers #282
Description
Hello,
I'm trying to call some APIs from a Javascript chat client. In particular I'm trying to access the session log API in order to restore the chat history on the client.
If I call it from a browser I can get the JSON correctly.
If I call it from my Javascript client i got
failed to load https://aida-stg.instedd.org/api/v1/bots/xx/sessions/7xxxxxx-6bd8-40ce-a4e3-7c10aafcc2bb/log?access_token=xxxxxxxxxxxxxx: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://chatbot.local' is therefore not allowed access.
As far as I know, every API in the API page has the same behaviour.
Is it possible to have the correct headers in the response so as to allow CORS? I think it would be very useful to be able to use APIs from inside a JS client.
Thanks