I'm having CORS issues with fetch and have exhausted google. In the codepen below, I'm trying to hit flickr's open api for some images. You'll see two buttons. "Search with jquery" works fine, using $.getJSON.
Of course, I'd like to use Fetch. "Search with Fetch" doesn't work. When I try to send the same request, I get this error:
Fetch API cannot load http://api.flickr.com/services/feeds/photos_public.gne?tags=dog&tagmode=any. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://s.codepen.io' is therefore not allowed access. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
console_runner-ba402f0a8d1d2ce5a72889b81a71a979.js:1 TypeError: Failed to fetch(…)
When I add mode: 'no-cors', then all I get back is an opaque response that doesn't contain any data.
Try for yourself! http://codepen.io/morgs32/pen/OMGEpm?editors=0110
Would love a hand. Thanks.
Looks like the Flickr API is using JSONP.
If you run curl 'http://api.flickr.com/services/feeds/photos_public.gne?tags=asd&tagmode=any&format=json' -H 'Host: api.flickr.com' -H 'User-Agent: Mozilla/5.0 (X11; Linux x86_; rv:47.0) Gecko/20100101 Firefox/47.0' -H 'Accept: */*' in your console, you don't get a JSON response:
jsonFlickrFeed({
"title": "Recent Uploads tagged asd",
"link": "http://www.flickr.com/photos/tags/asd/",
"description": "",
"modified": "2016-02-16T18:34:00Z",
"generator": "http://www.flickr.com/",
"items": [
{
...
})
JSONP is automatically supported by getJSON, but not by fetch.
Related
Our app is in production for 2 years and has been able to create all 3 music video assets(music video, sound recording and composition) using YT data API requests. Since last week, we are receiving an error on composition asset create request. Music Video and Sound Recording asset create requests are working fine as usual.
YT API Error:
vagrant$ curl -X POST -H "content-type: application/json" -H "user-agent: Yt::Request (gzip)" -H "authorization: Bearer ya29.XXXXXXXX_O3pRQWtbrQ5dHn5BV6SiiGxkawq26LksyUy1LjwtG27Vs9e9-XXXX" -H "host: www.googleapis.com" -H "content-length: 193" -d '{"type":"composition","onBehalfOfContentOwner":"xxxxxxxxxxxxxxxx","metadataMine":{"customId":"9c3e6533a06cac4e","writer":["DeAndre \"Drizzo Man\" White, Daniel Kováč"],"title":"Ready"}}' "https://www.googleapis.com/youtube/partner/v1/assets?onBehalfOfContentOwner=xxxxxxxxxxxxxxxx"
{
"error": {
"errors": [
{
"domain": "global",
"reason": "forbidden",
"message": "Forbidden"
}
],
"code": 403,
"message": "Forbidden"
}
}
It is stated in this documentation YouTube Data API - Errors, that forbidden (403) error means:
forbidden (403) - Access forbidden. The request may not be properly
authorized.
So try to check if you properly implement the OAuth authorization in your project.
I want to create a skype bot and am referring to https://developer.microsoft.com/en-us/skype/bots/docs/api/chat , for authorization the doc refers to https://azure.microsoft.com/en-us/documentation/articles/active-directory-v2-protocols-oauth-code/ but it is unclear about the scope to be mentioned for using skype bot apis.
So can anybody tell me how to obtain authorization token for making skype bot rest api calls.
try this
curl -X POST -H "Cache-Control: no-cache" -H "Content-Type: application/x-www-form-urlencoded" -d 'client_id=<your-app-id>&client_secret=<your-app-secret>&grant_type=client_credentials&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default' 'https://login.microsoftonline.com/common/oauth2/v2.0/token'
I'm trying to try token access to the skype bot.
I have also tried the above mentioned cURL function in "POSTMAN" but I have this return message:
{
"error": "invalid_request",
"error_description": "AADSTS90014: The request body must contain the following parameter: 'grant_type'.\r\nTrace ID: 53dcaec0-...\r\nCorrelation ID: d6d650ec...\r\nTimestamp: 2018-01-15 09:53:04Z",
"error_codes": [
90014
],
"timestamp": "2018-01-15 09:53:04Z",
"trace_id": "53dcaec0-...",
"correlation_id": "d6d650ec-..."
}
The following is a header and body structure in POSTMAN:
HEADER
Content_type: application/x-www-url-form-urlencoded
Cache-Control: no-cache
BODY
client_id=&client_secret=&grant_type=client_credentials&scope=https%3A%2F%2Fgraph.microsoft.com%2F.default
In BODY I replace the fields client_id and client_secret with the correct codes provided during registration.
Thanks to the availability...
So I got the data that is being sent to a specific server. Now I want to do the same using curl from my local machine to play around with specific repsonses from the server and learn more about curl as well.
Here is part of my data
POST /auth HTTP/1.1
platform: android
X-Auth-Token: <censored>
Content-Type: application/json; charset=utf-8
Host: api.blabla.com
Accept-Encoding: gzip
And the data that is being sent:
{"blabla_token": "sdsadsad", "blahblah_id": "23213", "locale": "us"}
Now when I try cURL in my dos shell, I try
curl --insecure -X POST https://api.blabla.com/auth --data '{"blabla_token": "sdsadsad", "blahblah_id": "23213", "locale": "us"}'
The response I get from cURL is this:
{"code":401,"error":"blablaTokenRequired"}
Even though I specified the token. So there are two possible scenarios because the token is correct:
It has something to do with the SSL thing? (I use --insecure because I get an SSL error otherwise)
Something about my command is not correct but I can't figure out what.
Can someone kindly help me out? I am trying everything I can without success
I am not sure if I understand your application specific right, but probably one thing you need to take into account:
man curl says:
-d, --data <data>
(HTTP) Sends the specified data in a POST request to the HTTP server, in the same way that a browser does when
a user has filled in an HTML form and presses the submit button. This will cause curl to pass the data to the
server using the content-type application/x-www-form-urlencoded. Compare to -F, --form.
-d, --data is the same as --data-ascii. --data-raw is almost the same but does not have a special interpreta‐
tion of the # character. To post data purely binary, you should instead use the --data-binary option. To URL-
encode the value of a form field you may use --data-urlencode.
As I can't see in your example the necessity of sending data as HTML form input, probably your application expects just a "raw" POST body and then you have to try this:
curl --insecure -X POST https://api.blabla.com/auth --data--binary '{"blabla_token": "sdsadsad", "blahblah_id": "23213", "locale": "us"}'
PS and for sure this is error is not about using --insecure which just asks curl to neglect ssl verification
you forgot the headers and enabling compressed encoding (gzip), however, i believe you can't force curl to only support gzip encoding using the curl command line alone, you will have to use libcurl, this will make the request say "Accept-Encoding: gzip,deflate" on most systems, using --compressed .. if that's not acceptable to you, rewrite it using libcurl (where you can force it to say only "gzip", if you wish, via CURLOPT_ENCODING )
curl -X POST https://api.blabla.com/auth --data '{"blabla_token": "sdsadsad", "blahblah_id": "23213", "locale": "us"}' --header 'platform: android' --header 'X-Auth-Token: <censored>' --header 'Content-Type: application/json; charset=utf-8' --header 'Host: api.blabla.com' --compressed
another gotcha: on some systems, there will be a default useragent header (like debian 6), while on some systems, curl comes without a default useragent (like debian 8).. you might want to use --user-agent '' too
Well ,
i m hitting a simple PhoneVerify Request from my localhost which have enterprise proxy .
i have configured my Proxy setting using below link.
Can't access to production endpoint with WSO2 API Manager - entreprise proxy
But I m Getting The Same Response code 0 and Blank Response Body.
Here Is a the curl and Request URL :
Curl
curl -X GET --header "Accept: application/json" --header "Authorization: Bearer b9d93ac569bec1721716e1422b852b" "https://192.168.78.153:8244/phone/1.0.0/CheckPhoneNumber?PhoneNumber=8888888888&LicenseKey=0"
Request URL
https://192.168.78.153:8244/phone/1.0.0/CheckPhoneNumber?PhoneNumber=8888888888&LicenseKey=0
Response Body
no content
Response Code
0
Response Headers
{
"error": "no response from server"
}
[ base url: /phone/1.0.0 , api version: 1.0.0 ]
Since you are behind a proxy with port set through http.proxyPort, You have to use port 1234 instead of 8244.
I'm trying to add a user to a Github repository via their API, but I always get a 502 Bad Gateway error.
With curl I send a request like this (<...> replaced by a real owner, repo, etc.):
curl -i -H 'Authorization: token xxxxxxxxxx' -XPUT https://api.github.com/repos/<owner>/<repo>/collaborators/<username>
I also tried it with this url:
curl -i -H 'Authorization: token xxxxxxxxxx' -XPUT https://api.github.com/teams/<id>/members/<username>
As token I used a newly created Personal Access Tokens
But both times I get this back
HTTP/1.0 502 Bad Gateway
Cache-Control: no-cache
Connection: close
Content-Type: text/html
<html><body><h1>502 Bad Gateway</h1>
The server returned an invalid or incomplete response.
</body></html>
A GET on each URL works fine but a DELETE doesn't work either. So maybe it has to do with curl.
Quoting the reply from GitHub's support with changes in italic:
You're just getting trolled by HTTP and curl.
When you make a PUT request with no body, curl doesn't explicitly set a Content-Length header for that request. However, PUT requests with no Content-Length confuse servers and they respond in weird ways.
Can you please try explicitly setting the Content-Lenght header to 0, or supplying an empty body when making that request (so that curl can set the header for you)? You can accomplish that adding -d "" in your command.