CORS

[Martin Kucej]

Hello,

It appears that the ArXiv API is currently inaccessible from browser-based JavaScript because the Access-Control-Allow-Origin headers are missing from the response. This results in a CORS block.

Historically, this API was accessible via client-side fetch/XHR. Was the removal of CORS support an intentional policy change? Thank you!

Best regards,

Martin Kucej

i-librarian.net

[Martin Kucej]

Hello:

I am following up on the below request regarding the missing CORS headers. This is currently blocking our client-side application from fetching ArXiv data. Could you please let us know if this change was intentional or if a fix is planned? Thank you!

Best regards,

Martin 

[Brian Maltzan]

Hi Martin,

Sorry for the disruption in your javascript app.

We intentionally updated our headers to improve user security.

Thanks,

Brian

--
You received this message because you are subscribed to the Google Groups "arXiv API Discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to api+uns...@arxiv.org.
To view this discussion visit https://groups.google.com/a/arxiv.org/d/msgid/api/669bda5f-6734-45d2-8156-00489aa5c874n%40arxiv.org.