I'm curious of the best way to handle CORS requests in Crafter CMS. It's not mentioned anywhere in the documentation, and none of the example REST requests add CORS headers so they only work if accessed directly from the browser and not from a webapp.
I found that I can add the necessary headers with the use of the global response object, and that works, but it requires calling it in every script.
I tried creating a filter according to the documentation that adds the headers, thinking that it would be called for each request, and I registered it in a (new) file config/site.xml as explained in the documentation, but the filter either never gets called or has no affect.
Is there an easier or different way to do it, or should I just create a helper class that is called in every REST script to make it work?
Updated 2017-09-28:
Please see the docs (valid for version 3.0.2 onward): http://docs.craftercms.org/en/3.0/site-administrators/engine/engine-site-configuration.html?highlight=cors
Original:
What you're doing makes sense, but it would be easier if Crafter Engine supported this out of the box.
This is the ticket to track the new feature: https://github.com/craftercms/craftercms/issues/1376