My question is an extension of this one.
I am using JavaScript to post videos to the v2 YouTube API, via Plupload (HTML5 runtime). I am using OAuth2 to get authorized tokens and a CORS request to set the metadata. I am able to upload videos successfully, but the 302-coded response returned by YouTube gets lost. I am not able to retrieve the ID of the uploaded video, which would ordinarily be present as a GET parameter of the URL redirected to as part of the 302 response.
After uploading the video, how can I get the ID of the video?
It seems like xhr.getResponseHeader(location) would give it to me, but it is undefined with Plupload. Is this because Plupload is overriding the default XMLHttpRequest object and only exposing certain attributes? If I used vanilla XMLHttpRequest objects, would it work OK? Can the 302 be intercepted in all browsers?
Related
I am trying to read the docs on Safari Inspector's Local Overrides here. It talks about Request and Response overrides, but I am not understanding the difference between the two.
I am trying to make edit a request to make it send a different value than what's currently being send. Is it possible with request overrides?
I have a personal website using SoundCloud API to play my favorites tracks in the page.
It was working and i have not done any change or work but now i see that the songs can not be played anymore, i check in the network console and i see two requests, one is returning 302 redirect and the other is returning 404 ( not found ).
404 Not Found
You're asking for something that doesn't exist. Check the URL that you're requesting.
See the image in attached
How can i figure this out? I do not know if it is related to my client id or some other Soundcloud API issues or changes.
I have recently moved from HTTP to HTTPS but I'm getting security warnings because the pictures from ebay API are still transferring over HTTP. Does any API user know of a way to get gallery url or picture url over HTTPS?
I have tried making a call through HTTPS like this https://open.api.ebay.com/xxxxx but obviously it won't work. Is there a parameter option for returning HTTPS link?
A returned data in a successful call from GetSingleItem API is like this:
<GalleryURL>
http://thumbs1.ebaystatic.com/pict/xxxxx.jpg
</GalleryURL>
<PictureURL>
http://i.ebayimg.com/00/s/ODUwWDgwMA==/z/xxxx.JPG?set_id=xxxx
</PictureURL>
I have had the same issue, I used galleryURL property of SearchItem object returned by ebay Finding API, but found that even galleryURL provides insecure link to image, the same image available on if I replace http with https.
I'm trying to use the API via JSONP - making a request like:
https://partner.api.beatsmusic.com/v1/api/search/federated?callback=beatsCallback&q=cats&client_id=XXXXX
But the response just comes back as pure json - not wrapped in a callback. Are callbacks supported?
Beats Music supports CORS which allows javascript on a page to make requests to another domain, not the domain it originated from. Thus, you do not need to use JSONP and can access the json in a traditional manner.
I am working with Flickr's REST API and it's working fine. By that, I mean I'm making an AJAX call to the Flickr API and getting a JSON object back, parsing the object, etc. etc.
But this raises a question in my mind. If browsers follow the same-origin policy, then how can they make these types of API requests?
This DEMO fiddle is working, but it sends a cross-domain request to the Flickr domain.
How does this cross-domain request work?
The cross-domain request:
$.getJSON("http://api.flickr.com/services/feeds/photos_public.gne?id=" +
id + "&lang=en-us&format=json&jsoncallback=1");
What you need to understand is that, while browsers do enforce the same origin policy (SOP), there are exceptions when SOP is not enforced. For example, if you have an HTML page - you can insert <img> tags that point to images on any domain. Therefore, the SOP doesn't apply here and you are making a cross-origin HTTP GET request for an image.
The demo you linked to works since it uses a mechanism that works in a similar way. The mechanism is called JSONP - http://en.wikipedia.org/wiki/JSONP and I suggest you read the wiki entry and some other blog posts. In essence, JSONP dynamically injects <script> tags to send a request to any domain (the parameters of the request are added as URL query params), since the same origin policy does not apply to <script> tags (as it doesn't apply to <img> tags).
Another way to invoke REST APIs on other domains is to use the cross-origin resource sharing mechanism (CORS) - http://en.wikipedia.org/wiki/Cross-origin_resource_sharing. In essence, this mechanism enables that browsers don't deny cross-origin request, but rather ask the target service if it wants to allow a specific cross-origin request. The target service tells the browser that it wants to allow cross-origin requests by inserting special HTTP headers in responses:
Access-Control-Allow-Origin: http://www.example.com