I’m testing my video player with a live .m3u8 endpoint that I obtained via youtube-dl it looks like this(truncated):
https://manifest.googlevideo.com/api/manifest/hls_playlist/expire/1695328724/ei/dFUMZZr4 ... SycMQ7_2q/playlist/index.m3u8
so when I hard-code it for my Vidstack player/liveview hook to play it, I get this error:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://manifest.googlevideo.com/api/ma... (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). Status code: 200.
I added Corsica as a plug in endpoint.ex like this(before plug Plug.Static):
plug(
Corsica,
max_age: 3600,
allow_headers: :all,
origins: "*"
)
GET /api/manifest/hls_pla...2q/playlist/index.m3u8 HTTP/2
Host: manifest.googlevideo.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/117.0
Accept: */*
Accept-Language: en-CA,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate, br
Origin: http://localhost:4000
Connection: keep-alive
Referer: http://localhost:4000/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
DNT: 1
Sec-GPC: 1
Note the missing Access-Control-Allow-Origin
Am I using this right?
