Geek Answers Handbook

Yahoo - OAuth2 - SocialAPI: doesn't return "Access-Control-Allow-Origin" in the original answer

I use Yahoo Social APIfor Contactsusing OAuth2 through Javascript (as indicated here https://developer.yahoo.com/oauth2/guide/#implicit-grant-flow-for-client-side-apps )

However, after the successful authenticationfix Access Token, I cannot complete the call through JS. The browser says:

XMLHttpRequest cannot load https://social.yahooapis.com/v1/user/me/contacts
No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://..' is therefore not allowed access.

However, when I try to use PHP Curl with the same call, it works (hence, this proves that this is not a token problem).

Does anyone know how to solve this? Thank.

+4
source share
1 answer

, https://social.yahooapis.com/ API, , .

- Yahoo Social API :

, , aouth2 - "XXXXXXXX", , javascript.

$.ajax({
         url: 'https://social.yahooapis.com/v1/me/guid?format=json',
         beforeSend: function (xhr) {
                        xhr.setRequestHeader ("authorization", "Bearer " + "XXXXXXXX");
                    },
                    success:function(guuid) {
                        console.log(guuid);
                    }
        });

HTTP GET social.yahooapis.com, , CORS (, ) " " HTTP , , .

, :

Request Header
:host:social.yahooapis.com
:method:OPTIONS
:path:/v1/me/guid?format=json
:scheme:https
:version:HTTP/1.1
accept:*/*
accept-encoding:gzip, deflate, sdch
accept-language:en-US,en;q=0.8
access-control-request-headers:accept, authorization
access-control-request-method:GET
cache-control:no-cache
origin:http://yourorigin.io
pragma:no-cache
referer:http://yourorigin.io
user-agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_2) AppleWebKit/537.36     (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.3

API- yahoo

Response Header
age:0
allow:OPTIONS,HEAD,GET
content-length:0
content-type:application/vnd.sun.wadl+xml
date:Sun, 10 May 2015 19:21:40 GMT
last-modified:Thu, 30 Apr 2015 13:20:58 PDT
server:ATS
servletwebservicefilter-enabled:true
status:200 OK
vary:Accept
version:HTTP/1.1
via:http/1.1 r18.ycpi.ne1.yahoo.net (ApacheTrafficServer [c sSf ]), https/1.1             r26.ycpi.sjb.yahoo.net (ApacheTrafficServer [c sSf ])
x-yahoo-social-data-source:default_source
x-yahoo-social-host:ws127.progrss.ne1.yahoo.com
y-rid:er2nai1akvbu4

, 200OK, :

Access-Control-Allow-Origin:*

Chrome - , GET CORS, Response Header Access-Control-Allow-Origin, , .yahooapis.com

XMLHttpRequest cannot load https://social.yahooapis.com/v1/me/guid?format=json.
No 'Access-Control-Allow-Origin' header is present on the requested resource. 
Origin 'http://yourorigin.com' is therefore not allowed access.

, :

{   
  "guid" :   
   {   
    "uri": "XXXX",  // URI value  
    "value": "XXXX"   
   }  
 }

- :

No 'Access-Control-Allow-Origin' header is present on the requested resource.

, YDN SDK ( API), -. . , https://developer.yahoo.com/forum/OAuth-General-Discussion-YDN-SDKs/http-social-yahooapis-com-Will-be-right-back/1395509802423-89faffa2-1503-486d-bc29-6505719bd774/

- GET HTTP javascript . , .

, , Yahoo Access-Control-Allow-Origin: * javascript- api.

, , . , , yahoo .

+4

More articles:


All Articles