Developing for Chromecast without CORS

1
votes

I am currently developing a Chromecast app for an existing video streaming service. We are currently developing a proof of concept app that will allow us to Cast video.

I have read on the Cast developers website about CORS here. Unfortunately, I do not have the access required to change headers on responses from our servers or update the cors.xml file on the server (Which to my knowledge currently does not exist).

My current work around to this problem is to proxy my Chromecast's HTTP traffic through Charles, and use the rewrite feature to add the required CORS headers to the HLS files being requested from other origins.

This solution works fine for non-secure content, however, we also have content being delivered over HTTPS, and the above solution does not work.

Is there any way, with or without a proxy, to ignore, bypass, or add CORS headers on https responses for the development of a Chromecast app on a whitelisted device?

On solution might be to install the Charles certificate, that would allow the proxy to intercept HTTPS traffic and the Chromecast to accept connections from endpoints using that cert, but I do not see a way to install that certificate on the Chromecast.

Another solution may also be to write our own intermediary service that the Chromecast hits, instead of our servers, and returns the video streams with the proper CORS implementation.

Thank you!

1
corschromecast
On the CC side, I can tell you that CORS is required and cannot be bypassed. You are also mentioning that you don't have access to the streaming service to add the headers; if that is the case, are you planning to find a way to get around that even in production? What CDN are you working with that doesn't allow you to do so?Ali Naddaf
Thanks Ali, Before we go into production, we will be updating the CDN to deliver the HLS files with the required CORS headers. What I am looking for is a temporary solution I can use in during development to provide a demonstration of our content running on the Chromecast.Ryan
Then your best bet is to use a proxy; if https content cannot be routed through the proxy, you might want to limit the content to http for development and when you see that working, start working with your CDN to add the CORS headers, etc. Adding headers is something that is not a hard thing for a lot of CDNs since they have been doing that already and are familiar with the process, so you may contact them and see if they can accommodate you earlier. There is no shortcut on the CC side to disable that for development.Ali Naddaf
Yeah, That is the solution I am gonna go with for now. Feel free to put that comment as an answer, and I will accept it.Ryan

1 Answers

3
votes

Your best bet is to use a proxy; if https content cannot be routed through the proxy, you might want to limit the content to http for development and when you see that working, start working with your CDN to add the CORS headers, etc. Adding headers is something that is not a hard thing for a lot of CDNs since they have been doing that already and are familiar with the process, so you may contact them and see if they can accommodate you earlier. There is no shortcut on the CC side to disable that for development.