This repository has been archived by the owner on Jan 23, 2024. It is now read-only.
Test CORS Support #438
Labels
enhancement
New feature or request
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Is your feature request related to a problem? Please describe it.
Support for CORS in OAuth and FHIR servers that provide the standalone patient-facing SMART app launch flow varies between vendors (some of the largest vendors have support, but overall support is mixed). This capability enables browser based SMART apps to run without unnecessarily passing the PHI through a server, reducing the attack surface for some classes of apps. Unfortunately, vendor support is poorly documented.
Describe the solution you'd like to see implemented
While not part of the current version of the SMART or Argonaut specs, it would be great to include CORS support testing as an optional item in the community edition of the Inferno SMART launch and Argonaut query test suites.
The text was updated successfully, but these errors were encountered: