WAV3R-FAQ – Max Rainer

Using your own server as a music source in WAV3R (CORS setup)

WAV3R can load music from your own server (for example a VPS, NAS, or web hosting).
Because browsers protect users with CORS security rules, your server must allow WAV3R to access it.
Follow the steps below depending on what you use.

✅ 1. Your server must use HTTPS
WAV3R only works with secure servers.
✔ Correct

https://music.yourdomain.com
❌ Not supported

http://music.yourdomain.com

✅ 2. Allow WAV3R in your server’s CORS settings
Your server must send this HTTP header on music files and JSON:

Access-Control-Allow-Origin: https://www.wav3r.com
If this header is missing or wrong, the browser will block the music.

🔧 Example configurations
Nginx
Add this inside your server or location block:

add_header Access-Control-Allow-Origin "https://www.wav3r.com" always; add_header Vary "Origin" always;
Apache (.htaccess)

Header always set Access-Control-Allow-Origin "https://www.wav3r.com"
Cloudflare
Rules → Transform Rules → Response Header
Add:
Header name: Access-Control-Allow-Origin
Value: https://www.wav3r.com

✅ 3. Use the final (non-redirecting) URL
If your server redirects, WAV3R may not be able to load it.
✔ Use

https://www.music.yourdomain.com/library.json
❌ Avoid

https://music.yourdomain.com → redirects to www.music.yourdomain.com
Tip: Open the file directly in your browser — if it redirects, fix the URL.

✅ 4. JSON and text files must also allow CORS
Your server must allow WAV3R to read:
.json
.txt
directory listings (if used)
Some servers only allow CORS for images or audio — that is not enough.

✅ 5. If you use a Service Worker or “offline mode”
If your site uses a Service Worker:
It must not block cross-origin requests
Or it must forward them normally to the network
If you don’t know what this means, disable offline caching for your server.

🌍 Browser notes
Chrome / Firefox
Works immediately if CORS is set correctly
If it fails: clear site data for wav3r.com and reload
Safari (macOS / iOS)
Much stricter CORS rules
Make sure:
HTTPS is valid
No redirects
No self-signed certificates

🧪 Quick test (very important)
Paste your music file URL into the browser:

https://your-server.com/music/library.json
Then open DevTools → Network → Headers and confirm you see:

Access-Control-Allow-Origin: https://www.wav3r.com
If you don’t see it, WAV3R cannot load your server.

❌ Common mistakes
Using http:// instead of https://
Missing www or wrong subdomain
Server redirects before returning headers
Allowing * instead of https://www.wav3r.com
CORS enabled only for images/audio, not JSON

✅ Summary (TL;DR)
To use your own server with WAV3R:
✔ HTTPS
✔ No redirects
✔ Access-Control-Allow-Origin: https://www.wav3r.com
✔ JSON & text files allowed
✔ No blocking Service Workers
If those are true, WAV3R will load your music.