Re: Access-Control-Allow-Origin Issue with API
94 views
Skip to first unread message
Message has been deleted
Adam (Cloud Platform Support)
Nov 12, 2016, 12:36:41 PM11/12/16
to Google App Engine
You should be able to set any response header in your handler code. Can you elaborate on how you're trying to set it in your PHP script, and what you mean by "doesn't work in the file because of the compression" ?
On Wednesday, November 9, 2016 at 4:15:38 PM UTC-5, Mike Tickle wrote:
On Wednesday, November 9, 2016 at 4:15:38 PM UTC-5, Mike Tickle wrote:
Hello everyone,I have written a pretty simple API in PHP and am running it as a service (https://protoapi-dot-rehash-148415.appspot.com/events/).When I try to load a data grid with the JSON from the API, I am getting the dreaded "No 'Access-Control-Allow-Origin' header is present on the requested resource." error on the page on which I want to consume the JSON. (http://proto-angular-dot-rehash-148415.appspot.com/events.php)I've tried a couple of different methods to add Access-Control-Allow-Origin: "*" to the app.yaml file and to the header in the PHP file that produces the API. I think it doesn't work in the yaml because you cannot apply http_headers to dynamic files, and it doesn't work in the file because of the compression.Is there any other way to make this work, short of putting the API and the app in the same service? I'd hate to do that because I am using mod_rewrite for the API and it will probably cause chaos on my app.Any insights would be greatly appreciated!-Mike
Mike Tickle
Nov 14, 2016, 2:18:46 PM11/14/16
to Google App Engine
Hey Adam,
In my PHP file, I set:
header('Content-Type: application/json');
But when I look at the output of the file in something like Postman, it says it is a gzip encoding with an html/text content type. It appears that the content type header is being stripped from the PHP output.
-Mike
Adam (Cloud Platform Support)
Nov 15, 2016, 12:53:32 PM11/15/16
to Google App Engine
This should not affect your ability to use CORS. You can still set header('Access-Control-Allow-Origin: <origin>') from your PHP script.
The encoding only affects the response body. In particular, gzip encoding is applied when the client specifies it can handle it in the Accept-Encoding and User-Agent headers. A Content-Encoding of 'text/html' is only set by default when the application does not specify it, so it may be an issue with the script.
If you would like to post more details from the PHP script I can examine the issue further.
Reply all
Reply to author
Forward
0 new messages