i am trying to download a file from facebook, for example
https://www.facebook.com/download/847027648649013/36654984.doc
using jquery's ajax (not to disk, to js variable...).
since this is for debug purposes i disabled my chrome's 'same origin policy' using -allow-file-access-from-files -disable-web-security
the problem is - im getting 404 while if i put this link in a new browser tab ill get 302 and then a redirect to the actual file.
how would i download this file?
thanks!
You can get the contents of the file using a jquery get function.
The site you are trying to get the file can not container a No Access-Control-Allow-Orign header,
If it does you will recieve the following javascript error:
XMLHttpRequest cannot load https://www.facebook.com/download/847027648649013/36654984.doc". No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://fiddle.jshell.net' is therefore not allowed access.
If you have permission to access the file from another domain or from a file not hosted in the same domain in other words you can you use the following JQuery code:
var url = "https://www.facebook.com/download/847027648649013/36654984.doc";
$.get(url,
function(data){
//store the file contents in the result variable
var result = data;
});
i ended up using a php proxy.
using php's curl solved both sop problem (no need for -disable-web-security) and does the redirect automatically. now i only need to parse the result....
Related
I have a web page with links towards other web pages. Once an user clicks in one of those links, a cookie is created, so in case he makes a purchase in the web page, the info related to this link is sent to us through an "API call".
So far, the code I have used in the following:
var storeCookie = getCookie("COOKIE_NAME"); //gets the cookie if it was previously created
if(tiendaCookie!=""){
var request = new XMLHttpRequest();
var url="URL TO A .PHP FILE IN MY SERVER";
peticion.open("POST",url,true);
peticion.setRequestHeader("Content-Type","application/x-www-form-urlencoded");
peticion.send("PARAMETERS OF THE CALL")
The web pages with links on our web page added this code to their web page so the affiliation system can work but we found that when that code is called, the following is returned:
Cross-Origin Read Blocking (CORB) blocked cross-origin response "URL TO A .PHP FILE IN MY SERVER" with MIME type text/html. See https://www.chromestatus.com/feature/5629709824032768 for more details.
I know this is not the right way to set up an API endpoint but I have no knowledge about how to proceed. I was going to try this plugin (https://wordpress.org/plugins/rest-api/) but it looks it is not supported in the latest versions of Wordpress.
What would be the right way to do what I am trying?
Thank you.
EDIT
I have done some more research and I have discovered that the problem might be in my .PHP file, because of:
No 'Access-Control-Allow-Origin' header is present on the requested resource.
But I have this code on the .PHP file:
header("Access-Control-Allow-Origin: *");
What can I be missing?
I have uploaded WordPress manually on freewebhostingarea.com using my own domain. When I create a new page in Wordpress, I get some errors in javascript console (attached image1) but it lets me add/edit content. When I try to publish the page, I get the error 'Updating failed' and javascript console gives additional errors (attached image2) as below:
"Access to fetch at 'http://e.freewebhostingarea.com/not-found.html' (redirected from 'http://www.shia-match.com/wp-json/wp/v2/pages/16/autosaves?_locale=user') from origin 'http://www.shia-match.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled."
What could I be doing wrong?
Errors when creating a new WordPress page,
Errors when trying to publish page
Just had this same problem, the cross origin (CORS) policy blocking fetching by the https:// version of a site from the https://www version.
mediaguru’s answer alerted me to check the wp-config file. I found that I had added these lines, and so removed them:
define('WP_HOME', 'https://www.example.com');
define('WP_SITEURL', 'https://www.example.com');
I then rechecked WP’s Settings > General > WordPress Address (URL) and Site Address (URL). Prior to my edit of the wp-config file, they had displayed the www URL, but greyed out and non-editable. Now they had both reverted to the non www version of the URL (and were editable).
On my (Dreamhost) server, the canonical URL is set to www. So I changed the Settings > General URLs to www and… bingo. Solved.
It sounds like you just copied your wordpress files and db from one location to another? If so, you will need to change settings in your wordpress config as well as in your database to make sure the new location is not referring to the old location's database or files.
Json issues with javascript and jquery.
Trying to load some JSON using javascript.
I have it working using:
See it here: http://jsfiddle.net/5pjha/789/
var url = "http://maps.googleapis.com/maps/api/geocode/json?address=1600+Amphitheatre+Parkway,+Mountain+View,+CA&sensor=true";
$.getJSON(url, function (json) {
alert(JSON.stringify(json.results));
});
But it dosnt work on the following urls, why is this?
https://poloniex.com/public?command=return24hVolume
https://bittrex.com/api/v1/public/getmarkets
https://api.mintpal.com/v1/market/summary/
Are the following urls not correct JSON ?
Thanks
The google's api set the Access-Control-Allow-Origin header to *, so you could access it by cross domain.
While other urls you provided do not, so you will got an error like below:
XMLHttpRequest cannot load https://api.mintpal.com/v1/market/summary/.
No 'Access-Control-Allow-Origin' header is present on the requested
resource. Origin 'http://fiddle.jshell.net' is therefore not allowed
access.
I believe the issue is down to whether or not the servers you are requesting your JSON from have cross-origin resource sharing (CORS) enabled.
you can see in the headers from the google service that they set Access-Control-Allow-Origin:* This is not the case for teh other URL's you list.
To get around this you will need some form of proxy so that you can request from a server either on the same domain or a server that enables CORS.
For ajax request to any server, You need to define Access-Control-Allow-Origin header for client. which is absent in given. You need to define origin of XMLHttp request in server who can request.
For more info refer this link
I'm learning JavaScript, and by now I'm stuck in a problem that I'm not understanding. This problem is related with jQuery.get, CORS, jQuery.getJSON and JSONP.
Let's say that I'm writing an html file with some scripts which is accessing to a URL with some JSON content. The html file is in my local file system, and looks like this:
<!DOCTYPE html>
<head>
<title>Test</title>
<script src = "test.js"
charset = "UTF-8"></script>
<script src = "jquery/jquery-1.9.1.js"
charset = "UTF-8"></script>
</head>
<body>
<h1>Test</h1>
<script type="text/javascript">
queryAuctionFiles('eu', 'tyrande');
</script>
</body>
The function queryAuctionFiles, called in the body script tag, is the following:
// File: test.js
function queryAuctionFiles(realm, server)
{
var url = 'http://' +
realm +
'.battle.net/api/wow/auction/data/' +
server;
jQuery.get(url, function(data)
{
alert( "Eureka!" );
});
}
Opening the html with my Chrome browser (V 32.0.1700.76 m) the following error occurs:
XMLHttpRequest cannot load http://eu.battle.net/api/wow/auction/data/tyrande. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access.
Googling around I was able to learn that this error is due that the resource acquisition from some domain (my local file system) to another (eu.battle.net) is forbidden due to security reasons.
I’ve also read that this cross domain requests could be achieved with CORS, but if I’m not mistaken, this CORS stuff must be enabled in both sides of the petition; in my case: my Chrome must support CORS and eu.battle.net must have it enabled, how can I can find out if some domain supports CORS?
While looking for a solution for my problem, I’ve found about the jQuery.getJSON method, so I’ve gave it a try, but the result was the same, the following code:
jQuery.getJSON(url, function(data)
{
alert( "Eureka!" );
});
Produces the same No 'Access-Control-Allow-Origin' error, at first, I was thinking that the error is produced because the given url isn’t a JSON file, but it is without doubt a cross domain error. When I was thinking about giving up, I’ve read about JSONP and how it is managed by jQuery:
If the URL includes the string "callback=?" (or similar, as defined by the server-side API), the request is treated as JSONP instead.
So, I made the following change:
jQuery.getJSON(url + '?callback=?', function(data)
{ //^~~~~~~~~~~~~
alert( "Eureka!" );
});
And after that, I get a different error:
Uncaught SyntaxError: Unexpected token :
And, the file name where the SyntaxError is marked is tyrande on line 1, the contents of this tyrande file looks like this:
{"files":[{"url":"http://eu.battle.net/auction-data/d5357dc91898b3f78edfd1fbbe8867e8/auctions.json","lastModified":1390475765000}]}
This contents are the input I was expecting in the anonymous function passed as second parameter to getJSON!
It seems that the getJSON has downloaded a file named tyrande, from the url provided, and then eval() its contents, this contents are a JSON input and therefore, isn’t a valid JavaScript evaluable string.
Now that I’ve explained in detail what have I tried, and knowing my goal, lemme ask:
In order to acquire remote resources, it matters if the html file is in my file system or into a remote server?
Is the CORS something that must be enabled? how do I enable it on my scripts? how I must test if a remote resource supports CORS?
If I’m using jQuery.getJSON, it matters if the resource address isn’t a JSON file?
What is that I’m doing wrong in my last change? why is a file named tyrande being downloaded and then its contents being eval()uated?
Thanks for your attention
It is impossible. Cross domain policy won't allow you to fetch a file from different domain.
Check this one out
I am trying to read a text file from the server using the below code. I am not able to access it but when I just have that text file local then its working fine. Please let me know what to do
$(document).ready(function(){
$.get('http://.../admin/ReleaseNotes/FY13/UpcomingChanges.txt', function(contents) {
$("#contentArea").val(contents);
},'text');
});
You are trying to request a document on a different domain to the one the request is being made from. Same Origin Policy will stop this request completing. There are ways to circumvent this policy though. You can find information in this answer: Ways to circumvent the same-origin policy
You could also try the following tutorial which will show you how to do a cross domain ajax request with YQL and jQuery.
http://net.tutsplus.com/tutorials/javascript-ajax/quick-tip-cross-domain-ajax-request-with-yql-and-jquery/