I've been playing around with home-grown UPNP/DLNA Browsing.
What I manage to do is a shell script based approach using curl to query the Server and xsl processing to make html pages out of the answers.
Next I thought I could build all this into javascript/kind of interactive browser page. But now I hit the CORS issue as the requests are preflighted by the browser (they are not preflighted when using curl and the server speaks no CORS, just UPnP). Some simplest code trying to get the root of the upnp tree:...
<html>
<head>
<script language="javascript">
function newx() {
var h = new XMLHttpRequest();
h.open("POST", "http://hcds6106:50001/ContentDirectory/control", true);
h.onreadystatechange = processme;
h.setRequestHeader("SOAPACTION",'"urn:schemas-upnp-org:service:ContentDirectory:1#Browse"');
h.setRequestHeader("Content-Type", "text/xml; charset='utf-8'");
h.send('<?xml version="1.0" encoding="utf-8"?><s:Envelope xmlns:ns0="urn:schemas-upnp-org:service:ContentDirectory:1" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><ns0:Browse><ObjectID></ObjectID><BrowseFlag>BrowseDirectChildren</BrowseFlag><Filter>*</Filter><StartingIndex>0</StartingIndex><RequestedCount>0</RequestedCount><SortCriteria /></ns0:Browse></s:Body></s:Envelope>');
}
function processme()
{
alert(this.status);
}
</script>
</head>
<body onload="newx();"/>
</html>
Clearly the browser (Firefox 47.0) hits
Cross-Origin Request Blocked: The Same Origin Policy disallows reading
the remote resource at http://hcds6106:50001/ContentDirectory/control.
(Reason: CORS header 'Access-Control-Allow-Origin' missing).
Is there any reasonable way I can tell my browser to skip the CORS stuff in this case because the server was not made for it? For Firefox or any other common UserAgent? I can't believe it can be so simple without a browser and close to impossible to get it interactive inside browser.... TIA!
