I'm trying to do some searching in Twitter using jQuery. Unfortunately, It's returning only:
https://api.twitter.com/1.1/search/tweets.json?q=django 405 (Method Not Allowed)
XMLHttpRequest cannot load https://api.twitter.com/1.1/search/tweets.json?q=django.
No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access.
Here's the code:
(function(){
var Twitter = {
init: function(){
this.url = 'https://api.twitter.com/1.1/search/tweets.json?q=django';
this.fetch();
},
fetch: function(){
$.ajax({
url: this.url,
type: 'GET',
dataType: 'json',
success: function(data){ console.log(data); },
error: function(data){ console.log(data); },
beforeSend: this.setHeader
})
},
setHeader: function(xhr){
xhr.setRequestHeader('X-HostCommonName', 'api.twitter.com');
xhr.setRequestHeader('Authorization', 'OAuth my_oauth_data');
xhr.setRequestHeader('Host', 'api.twitter.com');
xhr.setRequestHeader('X-Target-URI', 'https://api.twitter.com');
}
};
Twitter.init();
})();
I've tested the same query with the same headers using REST Console extension for Google Chrome and It worked.
Well, It looks like (here's the info) you can't do OAuth authentication on client side.
So, the only solution here is to code this thing to be invoked on your server.
Related
I'm trying to fetch all the Steam apps using the Steam API.
JavaScript:
var previewUrl =
"http://api.steampowered.com/ISteamApps/GetAppList/v0002/?key=mysteamkey&format=json";
$.ajax({
type: 'GET',
url: previewUrl,
success: function(data) {
console.log(data);
},
error: function(e) {
console.log(e.message);
}
});
But it gets me this error on console:
Access to XMLHttpRequest at 'http://api.steampowered.com/ISteamApps/GetAppList/v2/?key=mysteamkey&format=json' from origin 'http://localhost:5000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Try to add crossDomain: true and it should fix it .
var previewUrl =
"http://api.steampowered.com/ISteamApps/GetAppList/v0002/?key=mysteamkey&format=json";
$.ajax({
type: 'GET',
crossDomain:true,
url: previewUrl,
success: function(data) {
console.log(data);
},
error: function(e) {
console.log(e.message);
}
});
I want to call an OAuth2 service with grant_type password.
I am using Backbone with Jquery.
Parameters for the POST:
grant_type=password
client_id=[YOUR_APP_ID]
client_secret=[YOUR_CLIENT_SECRET]
username=[USER_NAME]
password=[USER_PASSWORD]
I have tried several NPM plugins but all give error.
I have created a custom post AJAX but this also does not work:
var results = $.ajax({
// The URL to process the request
url : "https://app1pub.smappee.net/dev/v1/oauth2/token",
type : "POST",
data : {
grant_type : "password",//jshint ignore:line
username: "myuser",
password: "secret",
client_id: "myclient",//jshint ignore:line
client_secret: "clientSecret"//jshint ignore:line
},
beforeSend: function (xhr) {
xhr.setRequestHeader("Authorization", "Bearer $token");
xhr.setRequestHeader("Access-Control-Allow-Origin", "*");
},
dataType: "json",
contentType: "application/x-www-form-urlencoded",
success: function(response) {
//console.log(response);
console.log(response.access_token);//jshint ignore:line
data.access_token = response.access_token;//jshint ignore:line
//tokenGranted();
}
});
return results.responseText;
(see fiddle: https://jsfiddle.net/gf70sss5/)
All give me the error:
"XMLHttpRequest cannot load https://app1pub.smappee.net/dev/v1/oauth2/token. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:9000' is therefore not allowed access."
Does anyone know a NPM plugin which works with the password granttype? Preferrably with an example. I have tried a few (like simple-oauth2) but I can't get any working.
Or an AJAX call which does work? Or what I am doing wrong?
Try this, but i've still a problem with the "Access-Control-Allow-Origin" error
var url = 'https://app1pub.smappee.net/dev/v1/oauth2/token';
// ajax call
$.ajax({
type: "POST",
url: url,
data: {"grant_type": "password", "client_id": client_id, "client_secret": client_secret,"username": username,"password": password},
beforeSend : function(xhr) {
xhr.setRequestHeader("POST", "/dev/v1/oauth2/token HTTP/1.1");
xhr.setRequestHeader("HOST", "app1pub.smappee.net");
xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded;charset=UTF-8");
},
error : function() {
// error handler
},
success: function(data) {
// success handler
alert(data["access_token"])
}
I have a server running a service, I want to run at some interval a ping request to the service so I can know when it's ready or not.
Got the following ping.dat file:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:dvt="[private]">
<soapenv:Header />
<soapenv:Body>
<dvt:Ping/>
</soapenv:Body>
</soapenv:Envelope>
And the following Javascript functions (which will be included into the setInterval() function):
function doAjax() {
//load request document
$.ajax({
cache: false,
crossDomain: true,
async: true,
dataType: 'xml',
type: 'POST',
data: null,
url: "./ping.dat",
error: function(xhr, sta, err){ alert(err); },
success: function(ret, sta, xhr){
//ping service
$.ajax({
cache: false,
crossDomain: true,
async: false,
processData: false,
contentType: "text/xml; charset=\"UTF-8\"",
dataType: 'xml',
data: processXML(xhr.responseText),
type: 'POST',
url: "[private]",
error: function(xhr, sta, err){
alert(err);
},
success: function(ret, sta, xhr){
$('#response').text($.trim(ret));
},
complete: function(xhr, sta){
alert('complete');
},
});
}
});
}
function processXML(text){
var ret = null;
if ((typeof(ret) !== 'undefined')&&(text !== null)&&(text.length !== 0))
ret = $.trim(text.replace(/[\n\t]+/g, ''));
return ret;
}
When I use SoapUI to call the service and load the ping request, it works.
When I use the JS functions, browser reports:
OPTIONS [private] 200 (OK) jquery-1.10.2.js:8706
XMLHttpRequest cannot load [private]. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access.
What's causing this?
The message is clear: No 'Access-Control-Allow-Origin' header is present on the requested resource.
If you are indeed doing a cross domain Ajax request, then the server must respond with the appropriate HTTP headers. Browser issues an OPTIONS HTTP request and checks to see if the server "approves" access by looking at the received headers. If the headers are missing then the browser is obligated to return an error and disallow the request to the resource.
See here for details: HTTP access control (CORS)
SoapUI is not affected by the same origin security policy like a browser is, so that's why pinging the web service from SoapUI works.
I'm currently having issues making an external GET request for an API that I need to call and retrieve data from dynamically in JSON. Does anyone know what below may be incorrect? The main issue seems to be that the header information for the Authentication field is not being set correctly and that javaScript can't call out of local domains. I desperately need a work around to this : (error: XMLHttpRequest cannot load http://www.website.com/api.php. Origin http://localhost is not allowed by Access-Control-Allow-Origin.)
function requestDealer(url)
{
alert("looking up dealer");
var request = new XMLHttpRequest();
$.ajax({
url:url,
type: 'GET',
data: null,
Accept : "application/json",
contentType: "application/json",
success: function() { alert('hello!'); },
error: function() { alert('boo!'); },
beforeSend: setHeader
});
}
function setHeader(xhr) {
xhr.setRequestHeader('Authorization', 'NLAuth nlauth_account=23984390, nlauth_email = email#email.com, nlauth_signature= myPwrd');
xhr.setRequestHeader('Content-Type', 'application/json');
}
When executing the following code:
url= "http://192.168.2.171/LoginAuthentication";
$.ajax({
url: 'url',
type: 'GET',
success: function(res) {
var headline = $(res.responseText).find('a.tsh').text();
alert(headline);
}
});
I get this error:
Object XMLHttpRequest cannot load 'url'. Origin null is not allowed by Access-Control-Allow-Origin.
Browsers do not allow you to request resources from another domain (images and script files are the notable exceptions to this rule). Refer to this documentation for details and workarounds.
url="http://192.168.2.171/LoginAuthentication";
$.ajax({
url: url,
type: 'GET',
success: function(res) {
var headline = $(res.responseText).find('a.tsh').text();
alert(headline);
}
});
But it may not work if you are not making a request to the same domain