All Questions
Tagged with access-control javascript
59 questions
1
vote
1
answer
726
views
How to get data from Quizlet without API using Node.js
The Quizlet API has been dead for a while but I want to work on a project that uses their study sets. I spent a while trying to find an API to use but there were many misleading claims; some say the ...
- 195
-1
votes
2
answers
1k
views
I have problems with Post method in my CORS? [duplicate]
I am developing an app with my own sever, i configured my cors with to by client-side host only. Everything seems to be fine i can request data from my database using the GET, but whenever my trying ...
- 17
0
votes
1
answer
8k
views
How to solve `Access to XMLHttpRequest from Origin is has been blocked by CORS policy.` error?
I am creating a simple chat application. I am using JavaScript and NodeJS. But when I try to run the application it gives me this below error in the console.
Access to XMLHttpRequest at 'http://...
2
votes
2
answers
497
views
How to access component via ActivatedRouteSnapshot?
Use case
Guard components using CanActivate of Angular Guard.
Sample Route
{
path: "my-path",
component: MyComponent,
canActivate: [AuthGuard]
}
MyComponent as sample component
export ...
- 1,868
8
votes
2
answers
147k
views
CORS: response to preflight request doesn't pass access control check - How to solve it on localhost?
I am quite a beginner with JavaScript and I am trying to write a script that checks whether a website, let's say https://example.comreturns 404 status code or 200, and depending on the result, I'll ...
- 2,586
1
vote
0
answers
337
views
How to use CASL to limit the field value to be patched(updated)?
After reading the guides and searching google for some time, I couldn't find a way in CASL to solve my usecase.
Expected
A common user can only patch his appointments.
A common user can only patch ...
- 11
-1
votes
1
answer
345
views
Basic HTTP authentication with JS - Authentication blocked by CORS policy, credentials stripped from URL
I believe that there's a number of questions here that cover similar areas, however, I couldn't find a concrete answer to my problem.
I am trying to programmatically (in Javascript) access an IP ...
- 21
4
votes
1
answer
832
views
mongoose convert all leaned ObjectIds to String format
I'm using mongoose-paginate-v2 to paginate my documents, and I use lean=true to make them a plain Object (I want to filter them using accesscontrol.
When I get the leaned Objects , all ObjectIds are ...
- 308
1
vote
0
answers
477
views
AWS API Gateway CORS-header 'Access-Control-Allow-Origin' missing
I am currently facing a problem regarding the access from my simple frontend to my API i created in API Gateway.
I've enabled CORS on the used ressource as shown in the picture:
Here is the code for ...
- 794
2
votes
1
answer
221
views
Reactjs can't read smart contract?
I have a project in ReactJs where I use web3.js to read from the smart contract and I an Ethereum client provided by Infura. Problem is, when I access my project in Google Chrome, everything works ...
- 419
1
vote
2
answers
8k
views
How to make a CORS request from the client [duplicate]
im trying to make a simple request to an API
fetch('someurl').then((data) => console.log(data))
but im getting the classic No 'Access-Control-Allow-Origin' header is present on the requested ...
- 353
9
votes
2
answers
5k
views
IE CORS - Access-Control-Allow-Headers error even though headers are specified
I'm currently submitting an AJAX request on a web page to an API endpoint which works in Chrome and Firefox but not in IE.
The error message I'm getting in IE's dev tools is:
SEC7123: Request header ...
- 651
0
votes
3
answers
494
views
How to retrieve JSON data from Angular request to access another domain's resources?
I have a strange problem that I have been working on for a couple of days.
The problem is related to Cross-Origin Resource Sharing(CORS), I am making an Angular GET request and able to see in the ...
0
votes
0
answers
19
views
Fetch API: No 'Access-Control-Allow-Origin' error even after adding "Access-Control-Allow-Origin": "*" to my headers [duplicate]
I know other questions like mine have been asked and answered, and most of them suggested adding "Access-Control-Allow-Origin": "*" into the header. However, even after doing so, I'm still getting the ...
- 1
0
votes
2
answers
42
views
"No 'Access-Control-Allow-Origin' is present on the requested resource" error for css file
I created an sdk. When the css file is to be loaded, it gives this error.
The css file includes a .woff2 url for the font.
Even after removing that part of the code, the error persists.
I don't ...
- 411
0
votes
0
answers
964
views
CodePen Console Blank and Google Chrome Console Displaying "Failed to Load....", Even Though No Errors Showing in Text Editor
Goodmorning. I am writing JavaScript code for my Wikipedia web app, and no errors are being highlighted in the text editor, yet my CodePen console is showing blank, and my Google Chrome developer ...
- 145
1
vote
3
answers
85
views
Not able to fetch details at random order from API by using JSONP
There's this randomQuote API that I want to call using jQuery. When I call the API using the specified params in postman, I am getting random quotes on every click. But when I used jQuery in my ...
- 803
1
vote
1
answer
171
views
My API URL is Correct and the HTTP(S) is Correct, but Console.log() Comes up Blank? Why?
I can't get any API urls to work! All of my JavaScript code is correct, so I don't know what the problem is.
My CodePen console and Google Chrome developer console is blank!
See screenshot here:...
- 145
0
votes
1
answer
1k
views
CORS preflight return Access-Control-Allow-Origin but response hangs on
I am doing CORS request, and server, has returned me such set of headers for preflight OPTIONS request.
Access-Control-Allow-Headers:authorization
Access-Control-Allow-Methods:POST, OPTIONS
Access-...
- 3,586
0
votes
1
answer
1k
views
unable to set 'Access-Control-Allow-Origin' header
I need to access my web api hosted remotely from my react app. On the server side i did below to allow cross domain communication:
import javax.ws.rs.core.Response;
import com.mypackage.ResponseDto;
...
- 515
1
vote
0
answers
2k
views
CORS: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin'
I'm trying to login to moodle from an external webpage using a post form to moodle, I used the next ajax to send the inputs:
var frm = $('#loginForm');
frm.submit(function(e) {
e.preventDefault()...
1
vote
2
answers
2k
views
No 'Access-Control-Allow-Origin' for 2 different domains or sub-domains CORS issue
There are a lot o topics about 'Access-Control-Allow-Origin', but I couldn't find one for Openseadragon which is for sub-domain name. My website is exampple.domain.com trying to open DZI from ...
- 3,706
1
vote
1
answer
2k
views
Trying to get CORS to work for 4chan API
Introduction
I'm writing a script that will alter the way a person views 4chan, when inside a thread, as well as adding some functionality.
In a 4chan thread, when you upload an image, the server ...
- 5,301
0
votes
1
answer
1k
views
Access-Control-Allow-Origin and document.domain not working
I have an iframe inside a PHP page and I am trying to access a parent element from within the iframe, but always get this error in the Console:
Uncaught DOMException: Blocked a frame with origin
...
- 1,268
0
votes
1
answer
513
views
Access-Control-Allow-Origin in Flask
I am using Flask to run two server on my localhost. One on port 40000 and the other on 50000. I have an HTML5 application running on localhost:50000. Now I want to send GET xml-http-requests to the ...
- 29
8
votes
6
answers
8k
views
Check if online resource is reachable with JavaScript, not requiring the The Same Origin Policy to allow it
I want to check if a server is reachable with a JavaScript function.
By reachable, I mean, if the server answers, I don't care which HTTP status code, it's reachable.
Stackoverflow/Google helped me ...
- 749
2
votes
0
answers
200
views
Access Control List (ACL) in SAPUI5 application
I am currently working on an application based on SAPUI5 and I am facing a task of creating some kind of ACL.
The authentication is made beyond the application (the user is already authenticated, ...
- 202
0
votes
1
answer
868
views
No 'Access-Control-Allow-Origin' header is present on the requested resource with API and website on same port
I have my site and my api hosted on the same port on server (:80).
I would like to send a request from a view of my website to my api.
this is my request : ( i runned it in componentWillMount with ...
- 976
2
votes
1
answer
563
views
Indeed API Access Control Allow Origin
I want to use the API from indeed.com (https://ads.indeed.com/).
The problem is, that they set their Response to "Same Origin" -> Meaning I can't use it on my platform. Since there is not much on ...
- 2,039
0
votes
1
answer
2k
views
Ajax API call Access-Control-Allow-Origin. Origin not allowed access [duplicate]
I've read every conceivable link I can find on the subject, but I still CAN NOT get it to work.
I'm making an AJAX request (From my domain) to an API (on another domain), but all I keep getting back ...
- 537
41
votes
3
answers
145k
views
Error: Permission denied to access property "document"
I have a HTML Document which contains an iframe. Whenever I try to access or modify this iframe with JS I get Error: Permission denied to access property "document".
I am using frame.contentWindow....
- 1,245
0
votes
0
answers
50
views
XMLHttp won't send cookies
The problem is: I need to retrieve cookies from the server response using AJAX, using a specific registration API.
So I'm trying to fix this problem and I figured out much already:
I added Access-...
- 340
17
votes
4
answers
19k
views
Angular POST cross origin error while POSTMAN works
I try to POST from my angular login service:
$http.post('https://xyz/login',
{
headers: {
'Content-type': 'application/json',
'...
- 4,201
16
votes
1
answer
40k
views
Request header field X-CSRFToken is not allowed by Access-Control-Allow-Headers in preflight response
I'm trying to make an API call to the GroupMe API to fetch a JSON response but have been getting the following error:
XMLHttpRequest cannot load ...(call url)...
Request header field X-CSRFToken is ...
- 191
0
votes
2
answers
27
views
Access Control causing issues on different calls
The problem is that I am doing two ajax calls to the same website but with different webpages. Both the webpages are publicly available but the one is giving me Access-Control-Allow-Origin problems.
...
- 127
2
votes
1
answer
1k
views
Get current user from inside the model in Sails
I'm using toJSON() method of my model in Sails in order to control the visibility of some of it's properties, when model is exposed via application's API.
In order to decide which properties to ...
- 28.5k
2
votes
2
answers
137
views
Protecting a JavaScript object against external scripts
Web App Model
Suppose I have a sensitive JS object by which I can do critical stuff. My requirement is that I would like to wrap this object entirely such that no one can access it. Here is my ...
- 29.2k
0
votes
1
answer
3k
views
How to add a javascript button to PDF that saves data to a (png) file?
I create PDF figures with python+matplotlib and I can add a javascript alert box that shows the data from the figure when the PDF is opened.
I want to change the behavior in such a way that there is ...
- 2,115
1
vote
2
answers
2k
views
What is the correct CORS entry for limiting an http:// connection to a remote, hosted web server from a grunt web server on a home network?
I've setup a remote, hosted javascript server (DreamFactory Server http://www.dreamfactory.com/) that responds via REST API's.
Locally, I'm running an Angularjs application through the grunt web ...
- 13
1
vote
1
answer
726
views
Not allowed by Access-Control-Allow-Origin using universal-analytics on Safari
Can't seem to figure this out.
I'm using the universal-analytics nom package (https://www.npmjs.com/package/universal-analytics) in my react.js app and it works great for recording page views on ...
- 4,238
1
vote
1
answer
7k
views
How to implement CORS (Access-Control-Allow-Origin) correctly? [duplicate]
I would like to access an third party resource (on another domain) via XML HTTP Requests (XHR, AJAX).
I setup CORS as follows (on both sides - target and origin):
Access-Control-Allow-Origin: http://...
- 3,480
5
votes
3
answers
9k
views
Access-Control-Allow-Origin is not recognized by Chrome
I understand CORS and how to set the appropriate Access-Control-* headers on a server response. The problem I'm finding is that even though my server is responding with Access-Control-Allow-Origin:*, ...
- 622
0
votes
1
answer
365
views
FB ID is returning as undefined
I am using var userID = (FB.getAuthResponse() || {}).userID; to get ID of logged in user, FB .init is initialized properly.
The issue that I am encountering is If I put
var userID = (FB....
- 59
0
votes
1
answer
123
views
Same-origin policy
I'm getting this error while calling javascipt:
XMLHttpRequest cannot load https://sub.domain.com/actions/action1.php.
No 'Access-Control-Allow-Origin' header is present on the requested
...
- 645
0
votes
1
answer
4k
views
Downloading remote files using the Javascript file API
Stemming from a lack of finding a download manager I like on Ubuntu, I was wondering if it's possible to create one using HTML5 and JavaScript with the new File API available in Chrome. At the moment ...
- 3,874
0
votes
1
answer
2k
views
'Access-Control-Allow-Origin' issue
I have an angular frontend with a rails backend.
I have angular code like this:
$http({method: 'GET', url: 'http://localhost:3000/products.json'}).
success(function(data, status, headers, config) {...
- 1,173
5
votes
2
answers
10k
views
Access-Control-Allow-Origin for multiple domains, in an easier way
header('Access-Control-Allow-Origin: http://splash.example.com');
header('Access-Control-Allow-Credentials: true');
Hello again Stackoverflow!
On my website, I have an ajax file ajax.php, where I ...
- 16k
1
vote
2
answers
1k
views
Using Dynamic Scripts to load JSON Data - Cross Domain - CORS not available
I have a ServiceNow instance running and I'm trying to pull all the users using the JSON Library. I can easily see the JSON list of users if I type in the URL that dumps this data, I'm trying to ...
0
votes
1
answer
514
views
Origin domain.com is not allowed by Access-Control-Allow-Origin
Getting the "Origin http://domain.com is not allowed by Access-Control-Allow-Origin. " error. what I am trying to do is I have a newsletter system I set up on a subdomain and the newsletter on another ...
0
votes
3
answers
1k
views
Access control in frontend with javascript
Here's the scenario. I am developing a one page app:
Most of the operations are achieved through ajax.
The page should show different components in different user login state (admin, normal user, ...
