Control of Access-Control-Allow-Origin header

Want something added? Ask for it here.
Post Reply
twiceover
Newbie
Newbie
Posts: 4
Joined: September 19th, 2017, 9:55 am

Control of Access-Control-Allow-Origin header

Post by twiceover » September 19th, 2017, 10:15 am

I'm writing a little web utility to hit the SAB API and get me some dashboard information. It works perfectly in IE, however Chrome (and FF) have a security setting that prevents cross domain requests. So when my utility (running on one server) hits the API (running on a different server), Chrome pukes up a security issue "No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access." This can be resolved by the SAB server allowing some control over the Access-Control-Allow-Origin header.

I'm sure this is an advanced setting that basically nobody would need, however it would be pretty darn useful for the API. In my searching I did find someone that forked SAB 5 or so years ago just to add this capability.

Thought I'd throw it out there. Thanks for the awesome work.

User avatar
shypike
Administrator
Administrator
Posts: 21017
Joined: January 18th, 2008, 12:49 pm

Re: Control of Access-Control-Allow-Origin header

Post by shypike » October 19th, 2017, 2:48 pm

Can you explain the details a bit more?
Or point to the fork?

twiceover
Newbie
Newbie
Posts: 4
Joined: September 19th, 2017, 9:55 am

Re: Control of Access-Control-Allow-Origin header

Post by twiceover » November 11th, 2017, 2:16 pm

I can't find that fork.

Here is a Reddit post of someone trying to do the same thing I am.

LINKhttps://www.reddit. com/r/javascript/comments/51sry6/need_some_help_with_js_and_api/?st=j9vookgr&sh=1ad106a9

More info on CORS:
LINKhttps://developer.mozilla. org/en-US/docs/Web/HTTP/CORS

Post from a few years ago:
LINKhttps://forums.sabnzbd. org/viewtopic.php?t=7072

New users aren't allowed to post links, so parse as you will.

User avatar
shypike
Administrator
Administrator
Posts: 21017
Joined: January 18th, 2008, 12:49 pm

Re: Control of Access-Control-Allow-Origin header

Post by shypike » November 20th, 2017, 2:58 pm

Quite a subject.
I'll see what I can do.

User avatar
shypike
Administrator
Administrator
Posts: 21017
Joined: January 18th, 2008, 12:49 pm

Re: Control of Access-Control-Allow-Origin header

Post by shypike » November 20th, 2017, 3:37 pm

Can you show me how you refer to SABnzbd?
I've made this very crude try and it works.

Code: Select all

<!DOCTYPE html>
<html>

This is the History:
<iframe src="https://MYSERVER .COM:8080/sabnzbd/rss?mode=history&apikey=MYAPIKEY" width="100%" height="2000" frameborder="0" scrolling="yes"></iframe>
End

</html>
I open this from a local HTML text file.

User avatar
safihre
Administrator
Administrator
Posts: 2214
Joined: April 30th, 2015, 7:35 am
Location: Switzerland
Contact:

Re: Control of Access-Control-Allow-Origin header

Post by safihre » November 20th, 2017, 4:48 pm

You need to do it via Javascript JSON calls, for example using jQuery's $.get()

twiceover
Newbie
Newbie
Posts: 4
Joined: September 19th, 2017, 9:55 am

Re: Control of Access-Control-Allow-Origin header

Post by twiceover » November 29th, 2017, 10:10 pm

shypike wrote:
November 20th, 2017, 3:37 pm
Can you show me how you refer to SABnzbd?
I've made this very crude try and it works.

Code: Select all

<!DOCTYPE html>
<html>

This is the History:
<iframe src="https://MYSERVER .COM:8080/sabnzbd/rss?mode=history&apikey=MYAPIKEY" width="100%" height="2000" frameborder="0" scrolling="yes"></iframe>
End

</html>
I open this from a local HTML text file.
For what I'm trying to do I can't use iframe. I need to call for and get values from the API.

twiceover
Newbie
Newbie
Posts: 4
Joined: September 19th, 2017, 9:55 am

Re: Control of Access-Control-Allow-Origin header

Post by twiceover » November 29th, 2017, 10:11 pm

safihre wrote:
November 20th, 2017, 4:48 pm
You need to do it via Javascript JSON calls, for example using jQuery's $.get()
Hrm. I'll give it a try.

Post Reply