We are attempting to use AMI in Asterisk 13.30.0 (yes I know its old). It seems that regardless of the allowed_origins setting any calls from a browser result in a CORS error - though intrestingly enough it does get a 200 back (see below).
I would greatly appreciate any insights or guidance.
manager.conf
[general]
enabled=yes
webenabled=yes
bindaddr = 0.0.0.0
port = 5038
allowed_origins=*
Multiple combinations have been tried for the allowed_origins with the same results
Initial auth
194.xxx.xxx.xxx:8088/rawman?action=login&username=XXXX&secret=XXXXXX
results in
Access to XMLHttpRequest at 'http://194.xxx.xxx.xxx:8088/rawman?action=login&username=XXXX&secret=XXXX' from origin 'http://localhost:3000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
but....the return headers are
HTTP/1.1 200 OK
Server: Asterisk/13.30.0
Date: Mon, 19 Dec 2022 08:13:42 GMT
Cache-Control: no-cache, no-store
Content-type: text/plain
Set-Cookie: mansession_id="a790b432"; Version=1; Max-Age=60
Pragma: SuppressEvents
Content-Length: 55
