Set the Access-Control-Allow-Origin

Get help using Construct 3!

Post » Thu Aug 10, 2017 12:33 pm

Okay, so I read the manual and various posts but I still don't understand where this needs to go:

Does it go at the start of my index.htl file on the server?
If so do i need to rename that to index.php?
Do i make a new php file on my server?

...or something else?

All the forum answers say I need to use this but none seem to say where it needs to go. Where does it go ?!?

Please help.
Thanks
B
6
S
1
Posts: 19
Reputation: 592

Post » Thu Aug 10, 2017 4:34 pm

I have tried adding the following to the index.html file before all other code..

Code: Select all
<?php
header('Access-Control-Allow-Origin: *');
?>


..but this didn't work.
Any ideas? Really stuck!
Thanks
B
6
S
1
Posts: 19
Reputation: 592

Post » Thu Aug 10, 2017 4:41 pm

https://enable-cors.org/index.html

Also be aware https may play a role.
Image ImageImage
B
171
S
50
G
180
Posts: 8,397
Reputation: 113,988

Post » Thu Aug 10, 2017 6:31 pm

Nope, I tried putting it on a secure https server but I get the same error..

Code: Select all
Fetch API cannot load https://api.myapi.com/v2/licenses/verify/. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://mysite.com' is therefore not allowed access. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.


Also Ive tried setting the request header itself in Construct before the request gets made...but that still gives me the error.

What exactly am I doing wrong here?
B
6
S
1
Posts: 19
Reputation: 592

Post » Thu Aug 10, 2017 7:45 pm

Is the name of your site "https://mysite.com"?
Image ImageImage
B
171
S
50
G
180
Posts: 8,397
Reputation: 113,988

Post » Fri Aug 11, 2017 7:10 am

CORS needs to be set up on the server you are requesting data from, not from the construct app or the domain hosting the construct app. It is set in the hosting server's configuration files.
Mistakes were made.
B
53
S
27
G
114
Posts: 1,699
Reputation: 64,446

Post » Mon Aug 14, 2017 8:52 pm

CORS needs to be set up on the server you are requesting data from, not from the construct app or the domain hosting the construct app. It is set in the hosting server's configuration files.


Are you sure? Because when I disable cors locally on my browser, the data gets retrieved from the source successfully. This would indicate that the data provider is sending the message anyway and its my construct hosted server that is not able to receive it (or send the request) correctly.

Is the name of your site "https://mysite.com"?
no. but I put that there as an example :)
B
6
S
1
Posts: 19
Reputation: 592

Post » Thu Aug 17, 2017 4:50 am

Even if you send a no-cors request, an opaque response cannot be read or accessed by JavaScript.

This is normal behavior, basically one use case is to prevent hot-linking to resources that are not yours (stealing bandwidth). Either you have access to the server/domain where the resource is hosted and configure it to allow cors, or you'll need a copy of the resource on the same domain as your game/app so then cors is not necessary at all.
Mistakes were made.
B
53
S
27
G
114
Posts: 1,699
Reputation: 64,446

Post » Fri Sep 01, 2017 9:24 am

So in the end I just needed a php file on my server with the 'allow control header' AND the actual request in the same php file.

Steps...
-I put a php file which included the header('Access-Control-Allow-Origin: *'); AND a REST request to the api in question. (So the main difference being that PHP makes the api request NOT C2)

-This php also spits out the result of the call with echo.

-I used c2 to call the php file using an axaj POST request

-C2 then receives the request data using LastData

All works a charm when uploaded to the server. Hoorah! :D

EDIT: I actually REMOVED Access-Control-Allow-Origin: from my PHP file and it all still worked, so presumably the apis that I'm trying to access already have this set at their end.
B
6
S
1
Posts: 19
Reputation: 592


Return to How do I...?

Who is online

Users browsing this forum: No registered users and 0 guests