generated curl request works, but try-it-out feature gives no response

1,487 views
Skip to first unread message

Tom Johnson

unread,
Oct 9, 2015, 12:49:04 AM10/9/15
to Swagger
In my Swagger-UI project, when I click Try-it-out, I get an error that says "No response from server." It has response code 0. And there's nothing in the response body.

However, the auto-generated cURL code that appears after clicking Try-it-out does actually work. When I paste that into Terminal, I get the right response.

I'm wondering if my API supports Swagger. The authentication requires an HMAC signature in the header, which I think is working. But maybe other kinds of requests are blocked? How do I know if my API is compatible with Swagger? 

(Sorry I can't post my code since it's behind the firewall.)

Ron Ratovsky

unread,
Oct 9, 2015, 1:44:27 AM10/9/15
to Swagger
My guess is that the problem is actually with the response from the server.
Can you check the result of the request in your browser's web console network tab when you click the try-it-out?

--
You received this message because you are subscribed to the Google Groups "Swagger" group.
To unsubscribe from this group and stop receiving emails from it, send an email to swagger-swaggers...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.



--
-----------------------------------------
http://swagger.io
https://twitter.com/SwaggerApi
-----------------------------------------

Tom Johnson

unread,
Oct 9, 2015, 2:11:08 AM10/9/15
to Swagger
I'm getting a CORS error in the console when clicking Try it out:

401 (Unauthorized)...
(index):1 XMLHttpRequest cannot load http://.... No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin '...' is therefore not allowed access. The response had HTTP status code 401.


Why can I execute calls fine from Postman or cURL without worrying about CORS, but not from Swagger UI on a web server? I'm submitting an HMAC signature in the header with both approaches.

Tom

On Thursday, October 8, 2015 at 10:44:27 PM UTC-7, Ron wrote:
My guess is that the problem is actually with the response from the server.
Can you check the result of the request in your browser's web console network tab when you click the try-it-out?
On Thu, Oct 8, 2015 at 9:49 PM, Tom Johnson <tomjohn...@gmail.com> wrote:
In my Swagger-UI project, when I click Try-it-out, I get an error that says "No response from server." It has response code 0. And there's nothing in the response body.

However, the auto-generated cURL code that appears after clicking Try-it-out does actually work. When I paste that into Terminal, I get the right response.

I'm wondering if my API supports Swagger. The authentication requires an HMAC signature in the header, which I think is working. But maybe other kinds of requests are blocked? How do I know if my API is compatible with Swagger? 

(Sorry I can't post my code since it's behind the firewall.)

--
You received this message because you are subscribed to the Google Groups "Swagger" group.
To unsubscribe from this group and stop receiving emails from it, send an email to swagger-swaggersocket+unsub...@googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

Ron Ratovsky

unread,
Oct 9, 2015, 5:37:58 PM10/9/15
to Swagger
Right, so it is a CORS issue after all.

CORS is unfortunately a browser limitation that we have no control over. Postman and curl are not affected by it.

To use it with Swagger-UI, you'd have to enable CORS (there are some workarounds, but I wouldn't recommend any).

On Thu, Oct 8, 2015 at 11:11 PM, Tom Johnson <tomjohn...@gmail.com> wrote:
I'm getting a CORS error in the console when clicking Try it out:

401 (Unauthorized)...
(index):1 XMLHttpRequest cannot load http://.... No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin '...' is therefore not allowed access. The response had HTTP status code 401.


Why can I execute calls fine from Postman or cURL without worrying about CORS, but not from Swagger UI on a web server? I'm submitting an HMAC signature in the header with both approaches.

Tom

On Thursday, October 8, 2015 at 10:44:27 PM UTC-7, Ron wrote:
My guess is that the problem is actually with the response from the server.
Can you check the result of the request in your browser's web console network tab when you click the try-it-out?
On Thu, Oct 8, 2015 at 9:49 PM, Tom Johnson <tomjohn...@gmail.com> wrote:
In my Swagger-UI project, when I click Try-it-out, I get an error that says "No response from server." It has response code 0. And there's nothing in the response body.

However, the auto-generated cURL code that appears after clicking Try-it-out does actually work. When I paste that into Terminal, I get the right response.

I'm wondering if my API supports Swagger. The authentication requires an HMAC signature in the header, which I think is working. But maybe other kinds of requests are blocked? How do I know if my API is compatible with Swagger? 

(Sorry I can't post my code since it's behind the firewall.)

--
You received this message because you are subscribed to the Google Groups "Swagger" group.
To unsubscribe from this group and stop receiving emails from it, send an email to swagger-swaggers...@googlegroups.com.

For more options, visit https://groups.google.com/d/optout.



--
-----------------------------------------
http://swagger.io
https://twitter.com/SwaggerApi
-----------------------------------------

--
You received this message because you are subscribed to the Google Groups "Swagger" group.
To unsubscribe from this group and stop receiving emails from it, send an email to swagger-swaggers...@googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

Tom Johnson

unread,
Oct 9, 2015, 5:41:09 PM10/9/15
to Swagger
I confirmed with my dev team that CORS isn't enabled on our API. (I don't understand why Postman works but Swagger or JS on a page doesn't work, but oh well.) I hope I can get things changed, but if not I'm out of luck. 

Ron Ratovsky

unread,
Oct 9, 2015, 5:50:53 PM10/9/15
to Swagger
Postman is not really a web application - even if it runs under the browser, it doesn't suffer the same limitations.
You may be able to use a CORS proxy (assuming it's a public API) such as http://crossorigin.me/ or install a cors proxy internally to do it.

Different browsers have different ways of disable CORS on them - I'd avoid it in general but if want to use it for testing you can search how to do that based on your browser of choice.

On Fri, Oct 9, 2015 at 2:41 PM, Tom Johnson <tomjohn...@gmail.com> wrote:
I confirmed with my dev team that CORS isn't enabled on our API. (I don't understand why Postman works but Swagger or JS on a page doesn't work, but oh well.) I hope I can get things changed, but if not I'm out of luck. 

--
You received this message because you are subscribed to the Google Groups "Swagger" group.
To unsubscribe from this group and stop receiving emails from it, send an email to swagger-swaggers...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages