Testing Javascript updates against lists.apache.org

[sebb <se...@gmail.com>]

Many of the outstanding issues relate to the Javascript code.

It would be useful to be able to test GUI updates against live data.

One potential way to do this is to install the JS on a local server,
and redirect the /api/* URLs to the live server.  However the JS
cannot access the JSON data from the remote site because of CORS.

Is there any reason not to allow:

Access-Control-Allow-Origin: *

on the lists.apache.org server?

Assuming that it is safe to add such redirects, that would make it
very easy to be able to allow testing of different versions of the GUI
on the VM host when it is set up.

If not, I have found that it's relatively simple to set up a proxy
from the local host to lists.a.o.
Even login works if the cookies are propagated. However this
potentially exposes the login cookie so is probably not advisable for
a public server.