I'm trying to access the nightscout endpoints via the rest api, as described in:
I have set "cors" in the "ENABLE" variable, and also set CORS_ALLOW_ORIGIN : "*" variable and now I'm trying to access the ..../api/v1/experiments/test with axios sending the "API-SECRET" header with the api secret in the form of sha1, but I'm getting:
Access to XMLHttpRequest at 'https://<myname>.herokuapp.com/api/v1/experiments/test' from origin 'http://localhost:8081' has been blocked by CORS policy: Request header field api-secret is not allowed by Access-Control-Allow-Headers in preflight response.
Any ideas, does this look like a bug of the "API-SECRET" not being in the list of allowed headers in:
res.header('Access-Control-Allow-Headers', 'Content-Type, Authorization, Content-Length, X-Requested-With');
Small question I want to start the adventure of the closed loop thanks to FreeStyleLibre-2 (FSL-2) + OOP2 + xDrip + AAPS (AAPS + RileyLink in a second time when all the configuration with xDrip + FSL-2 will be totally OK) but the question is whether my choice to use T1Pal is compatible with my FSL-2 + OOP2 + xDrip devices because on https://nightscout.github.io/vendors/T1Pal/new_user/ it is null part indicated that the FSL-2 data may well be sent on the T1Pal service.
I am in total capacity hosting in DIY mode but I want to use the T1Pal service to reward the work and development that has been done so far as well as ensured my data and understand all the connections between the different equipment.
So you can confirm or NOT if T1Pal can match my desired equipment scheme.
Sorry for the English translation not great I am French.
Have a good day