Si no coloco
crossorigin en <img> y en el servidor mando
Access-Control-Allow-Origin: * , carga adecuadamente pero no puedo utilizar canvas porque queda "tainted".
Si coloco use-credentials y ajusto las cabeceras del servidor para que respondan según lo requerido en CORS ni siquiera carga la imagen.
Así quedan las cabeceras:
Access-Control-Allow-Credentials:
true
Access-Control-Allow-Headers:
Accept-Language, Referer, User-Agent, Accept, Server, Cache-Control, Pragma, Origin, Accept-Encoding, Content-Type, Connection, Host
Access-Control-Allow-Methods:
GET, OPTIONS
Access-Control-Allow-Origin:
Access-Control-Max-Age:
86400
Cache-Control:
no-store, no-cache, must-revalidate, pre-check=0, post-check=0, max-age=0
Connection:
close
content-length:
9644
content-type:
image/jpeg
Expires:
Mon, 3 Jan 2000 12:34:56 GMT
Pragma:
no-cache
Server:
MJPG-Streamer/0.2
Vary:
Accept-Encoding, Origin
- Request Headersview source
Accept:
image/webp,image/*,*/*;q=0.8
Accept-Encoding:
gzip, deflate, sdch
Accept-Language:
es-419,es;q=0.8,en;q=0.6,en-US;q=0.4
Cache-Control:
no-cache
Connection:
keep-alive
Host:
Origin:
Pragma:
no-cache
Referer:
User-Agent:
Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.76 Mobile Safari/537.36
- Las cabeceras parecen estar bien, en oros navegadores como Firefox funciona sin problema. Pero Chrome responde:
- Image from origin 'http://192.168.100.18:8081' has been blocked from loading by Cross-Origin Resource Sharing policy: Invalid response. Origin 'http://192.168.100.18' is therefore not allowed access.
No sé si es un error de Chrome o me falta algo para que la solicitud CORS este correcta.
Saludos.
