question

faustofausto94 avatar image
0 Likes"
faustofausto94 asked

Is there a CORS support?

Hello, I'm trying to make a ws call in angularJS to the following url that from now on I will call **mySearchUrl**: http://open.api.ebay.com/Shopping?callname=GetCategoryInfo&appid=myAppID&CategoryID=-1&IncludeSelector=ChildCategories&version=967&siteid=101 But when I try to make the from another domain it gives me a CORS error: *XMLHttpRequest cannot load* **mySearchUrl**. *No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin ' http://www.mydomain.com' is therefore not allowed access.* So I fixed the problem using the: $http.defaults.headers.common= { 'Access-Control-Allow-Origin': '*', 'Access-Control-Allow-Headers': 'X-Requested-With, Origin, Content-Type, X-Auth-Token', 'Access-Control-Allow-Methods': 'GET, PUT, POST, DELETE' } to modify the requests header and now the problem is: XMLHttpRequest cannot load **mySearchUrl**. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin ' http://mydomain.com' is therefore not allowed access. So I'm testing everything but I can't solve this problem. I also tested the URL from a CORS-test site and it doesn't work, so: Can Anybody tell me if these ws calls are CORS enabled? how can I solve, please? Thank you very much for your help
search-apicategoriescorsdomain
10 |600
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

6 Answers

· Write an Answer
clickimusprime avatar image
0 Likes"
clickimusprime answered
There is no call to retrieve all categories. You have to walk the tree. There are other threads that discuss this. You should consider retrieving and caching category data as needed rather than preloading it all. CORS doesn't apply to jsonp, so you don't need headers. eBay's system supports jsonp with the callbackname as I mentioned previously. You're probably handling the response directly instead of using the callback function. Here's a simple example to fetch a category name via jsonp: pending... Again, you shouldn't be doing it this way unless it's a private app. Instead, create a PHP (or whatever) page that does an API request and outputs the data you need to the screen in JSON/HTML/delimited. Then call the PHP page with AJAX to make the API request and get the data. Try to keep as much of the code as possible on the server side.
· 1
10 |600
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

faustofausto94 avatar image faustofausto94 ·
You've been precious! Seriously, thank you very much for your tips. Have a nice day
0 Likes 0 ·
clickimusprime avatar image
0 Likes"
clickimusprime answered
Use the jsonp callback option, see Making a Call at the top of the docs. Note that you are exposing your appid to clients this way. The preferred way is to setup a script on your server that makes the request and then returns the results, then call that script with ajax. This keeps your appid private.
10 |600
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

faustofausto94 avatar image
0 Likes"
faustofausto94 answered
@clickimusprime You mean this page? https://developer.ebay.com/Devzone/finding/Concepts/MakingACall.html maybe some code clarifies; this doesn't work: $scope.getSuperCategories = function(){ var getSuperCategories = $http({ url: mySearchUrl, dataType: 'jsonp', headers: {'Access-Control-Allow-Origin': '*', 'Access-Control-Allow-Headers': 'X-Requested-With, Origin, Content-Type, X-Auth-Token', 'Access-Control-Allow-Methods': 'GET, PUT, POST, DELETE'} }).then(function(result){ $scope.superCategories = result.data; }); }; with the following code, instead, CORS errors disappear: $.ajax({ url: url, dataType: "jsonp", beforeSend: function(request) { request.setRequestHeader("Access-Control-Allow-Origin", '*'); }, success: function(root){ main.superCategories = root; } }); but it gives me Uncaught SyntaxError: Unexpected token < on the first line of the correct document containing ebay's data: what's wrong with this? Thank you, I really appreciate this.
10 |600
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

clickimusprime avatar image
0 Likes"
clickimusprime answered
Can't tell what's wrong with your URL because you didn't post it. But since the response is XML, you probably didn't follow the instruction about how to request a JSON response.
10 |600
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

xiang.developersupport avatar image
0 Likes"
xiang.developersupport answered
Hi faustofausto94, Please note CORS and JSONP are general concepts in web development, instead of eBay specific feature. Please note it does not make sense to set HTTP request headers, such as Access-Control-Allow-Origin and send it to the server. You should set such headers in the response from your own server side when your own server serves your request. Access-Control-Allow-Origin specifies which sites are allowed. Then after this request, you can send requests to the sites which are included in Access-Control-Allow-Origin. From some point of view, JSONP can be also an option for CORS, but it's another topic. Maybe you would like to do some learning about CORS and JSONP by yourself. Best Regards,
10 |600
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

faustofausto94 avatar image
0 Likes"
faustofausto94 answered
@xiang.developersupport I know they're general concept, but you clarified me an important thing, thank you. @clickimusprime I dind't post the URL because I was testing a similiar URL. the definitive search I have to do is to get all categories(with child included). But I don't know the correct URL, maybe you can help me. I was testing with the GetCategoryInfo, but it returns only one child level: http://open.api.ebay.com/Shopping?callname=GetCategoryInfo&appid=MY-APP-ID&CategoryID=-1&IncludeSelector=ChildCategories&version=967&siteid=101&responseencoding=JSON now I'm trying to get all categories, but I was wrong because I didn't know about the "reponseencoding=JSON" part. After adding it the CORS error didn't disappear but at least I don't have to parse xml. Now my target is to retrieve all categories using an URL: I read about the GetCategories but I dind't find a real solution using the URL to get ALL the existing categories. Do you know which URL to use, please? Thank you for your assistance.
10 |600
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.