Cross-origin config. Closes #26

README.md

@@ -91,13 +91,27 @@ server {
     location /.well-known/ {
         alias /var/www/html/.well-known/;
     }
-
+    
+    # Allow cross-origin API access
+    location ~ ^/api/.*$ {
+        add_header Access-Control-Allow-Origin *;
+    }
+    
     location / {
         proxy_pass http://127.0.0.1:8080;
     }
 }
 ```
 
+One further change you might want to make to the file above is the cross-origin API access block. This is what's used on
+my own Spothole server to make sure that other third-party web-based software can get the data from my instance. If you want
+*your* Spothole instance to be set up the same way, so that others can write software in JavaScript that can access it,
+leave this intact. But if you want your Spothole instance to only be usable by scripts running on the web server you write,
+you can remove this block. (Note that this doesn't stop other people writing *non-web-based* software that accesses your
+Spothole API—the enforcement of cross-origin headers only happens within the user's browser. If you need to lock your
+instance down so that no-one else can access it with *any* software, that's an aspect of nginx config that you will need
+to find help with elsewhere.)
+
 Now, make a symbolic link to enable the site:
 
 ```bash

data/spot.py

@@ -96,6 +96,10 @@ class Spot:
         # Always create a GUID
         self.guid = str(uuid.uuid4())
 
+        # If we somehow don't have a time, set it to some far past value so it sorts at the bottom of the list
+        if not self.time:
+            self.time = datetime.min
+
         # Clean up DX call if it has an SSID or -# from RBN
         if self.dx_call and "-" in self.dx_call:
             self.dx_call = self.dx_call.split("-")[0]