Question by faustofausto94 · May 12, 2017 at 04:17 AM · corssearch-apicategoriesdomain
Is there a CORS support?
Hello, I'm trying to make a ws call in angularJS to the following url that from now on I will call mySearchUrl: http://open.api.ebay.com/Shopping?callname=GetCategoryInfo≈pid=myAppID&CategoryID=-1&IncludeSelector=ChildCategories&version=967&siteid=101
But when I try to make the from another domain it gives me a CORS error:
XMLHttpRequest cannot load mySearchUrl. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://www.mydomain.com' is therefore not allowed access.
So I fixed the problem using the:
$http.defaults.headers.common= {
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Headers': 'X-Requested-With, Origin, Content-Type, X-Auth-Token',
'Access-Control-Allow-Methods': 'GET, PUT, POST, DELETE'
}
to modify the requests header and now the problem is:
XMLHttpRequest cannot load mySearchUrl. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://mydomain.com' is therefore not allowed access.
So I'm testing everything but I can't solve this problem. I also tested the URL from a CORS-test site and it doesn't work, so:
Can Anybody tell me if these ws calls are CORS enabled? how can I solve, please? Thank you very much for your help
Answer by clickimusprime · May 15, 2017 at 10:00 AM
There is no call to retrieve all categories. You have to walk the tree. There are other threads that discuss this. You should consider retrieving and caching category data as needed rather than preloading it all.
CORS doesn't apply to jsonp, so you don't need headers. eBay's system supports jsonp with the callbackname as I mentioned previously. You're probably handling the response directly instead of using the callback function.
Here's a simple example to fetch a category name via jsonp:
<script>
var appid = "YOURAPPID";
$.ajax({
dataType: "jsonp",
method: "GET",
url: "http://open.api.ebay.com/Shopping?callname=GetCategoryInfo&appid=" + appid + "&siteid=1&CategoryID=293&version=981&responseencoding=JSON&callbackname=jsonpcallback",
});
function jsonpcallback(jsdata) {
console.log(jsdata);
$("#output").html(jsdata.CategoryArray.Category[0].CategoryName);
}
</script>
<div id="output">pending...</div>
Again, you shouldn't be doing it this way unless it's a private app. Instead, create a PHP (or whatever) page that does an API request and outputs the data you need to the screen in JSON/HTML/delimited. Then call the PHP page with AJAX to make the API request and get the data. Try to keep as much of the code as possible on the server side.
You've been precious! Seriously, thank you very much for your tips. Have a nice day
Answer by clickimusprime · May 12, 2017 at 06:19 AM
Use the jsonp callback option, see Making a Call at the top of the docs. Note that you are exposing your appid to clients this way.
The preferred way is to setup a script on your server that makes the request and then returns the results, then call that script with ajax. This keeps your appid private.
People who like this
Answer by faustofausto94 · May 13, 2017 at 08:00 AM
You mean this page? https://developer.ebay.com/Devzone/finding/Concepts/MakingACall.html
maybe some code clarifies; this doesn't work:
$scope.getSuperCategories = function(){
var getSuperCategories = $http({
url: mySearchUrl,
dataType: 'jsonp',
headers: {'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Headers': 'X-Requested-With, Origin, Content-Type, X-Auth-Token',
'Access-Control-Allow-Methods': 'GET, PUT, POST, DELETE'}
}).then(function(result){
$scope.superCategories = result.data;
});
};
with the following code, instead, CORS errors disappear:
$.ajax({
url: url,
dataType: "jsonp",
beforeSend: function(request) {
request.setRequestHeader("Access-Control-Allow-Origin", '*');
},
success: function(root){
main.superCategories = root;
}
});
but it gives me
Uncaught SyntaxError: Unexpected token <
on the first line of the correct document containing ebay's data:
<?xml version="1.0" encoding="UTF-8"?>
what's wrong with this? Thank you, I really appreciate this.
People who like this
Answer by clickimusprime · May 14, 2017 at 08:06 AM
Can't tell what's wrong with your URL because you didn't post it. But since the response is XML, you probably didn't follow the instruction about how to request a JSON response.
People who like this
Answer by xiang.developersupport · May 14, 2017 at 09:57 PM
Hi faustofausto94, Please note CORS and JSONP are general concepts in web development, instead of eBay specific feature.
Please note it does not make sense to set HTTP request headers, such as Access-Control-Allow-Origin and send it to the server. You should set such headers in the response from your own server side when your own server serves your request. Access-Control-Allow-Origin specifies which sites are allowed. Then after this request, you can send requests to the sites which are included in Access-Control-Allow-Origin.
From some point of view, JSONP can be also an option for CORS, but it's another topic. Maybe you would like to do some learning about CORS and JSONP by yourself.
Best Regards,
People who like this
Answer by faustofausto94 · May 15, 2017 at 03:53 AM
@xiang.developersupport I know they're general concept, but you clarified me an important thing, thank you. @clickimusprime I dind't post the URL because I was testing a similiar URL. the definitive search I have to do is to get all categories(with child included). But I don't know the correct URL, maybe you can help me. I was testing with the GetCategoryInfo, but it returns only one child level:
now I'm trying to get all categories, but I was wrong because I didn't know about the "reponseencoding=JSON" part. After adding it the CORS error didn't disappear but at least I don't have to parse xml. Now my target is to retrieve all categories using an URL: I read about the GetCategories but I dind't find a real solution using the URL to get ALL the existing categories. Do you know which URL to use, please? Thank you for your assistance.
People who like this
Your answer
