CORS headers misssing in response
129 views
Skip to first unread message
Jesús Miguel Cruz Cana
Jan 23, 2017, 8:54:07 AM1/23/17
to Bitly API
I have the following snippet:
function unshortBitlyLink (link, callback) { var url = 'https://api-ssl.bitly.com/v3/expand?format=txt&access_token=' + API_TOKENS.BITLY + '&shortUrl=' + link.href;
$.ajax({ url: url, type: 'GET', success: function (actualURL) { setLinkText(link, actualURL); }, complete: function (response) { if (callback) callback(link.href, response); } });}which succeeds and returns the following headers:
It seems like the CORS headers supposed to be returned are missing and so the operation fails and I get the error message
XMLHttpRequest cannot load https://api-ssl.bitly.com/v3/expand?access_token={removed my token for obvious reasons}&shortUrl=http://bit.ly/2j2A3gS. No 'Access-Control-Allow-Origin' header is present on the requested resource.
Is the API malfunctioning or am I missing something?
Any ideas?
Andreas Ulmer
Feb 9, 2017, 10:21:11 AM2/9/17
to Bitly API
Same for me:
* https://api-ssl.bitly.com/v3/expand DOES NOT return `Access-Control-Allow-Origin:*` in response headers
according to https://dev.bitly.com/cors.html, both are supposed to return it.
* https://api-ssl.bitly.com/v3/expand DOES NOT return `Access-Control-Allow-Origin:*` in response headers
(whereas https://api-ssl.bitly.com/v3/shorten does)
I'm using plain XMLHttpRequest
var service = "https://api-ssl.bitly.com/v3/expand";
var xhr = new XMLHttpRequest();
xhr.open("POST", service, true);
xhr.withCredentials = true;
var shorturlsquery = "&shorturl=" + shorturls.join("&shorturl=");
params = "login="+user+"&apiKey="+key+shorturlsquery;
xhr.send(params);according to https://dev.bitly.com/cors.html, both are supposed to return it.
Looks like a bug to me.
Andreas Ulmer
Feb 9, 2017, 10:40:47 AM2/9/17
to Bitly API
found
which mentions CORS is supported with GET only.
still, same issue when using GET on /expand
xhr.open("GET", service, true);
-> https://api-ssl.bitly.com/v3/expand DOES NOT return `Access-Control-Allow-Origin:*` in response headers
interestingly, /shorten endpoint does return proper CORS headers also with POST.
(chrome debugger network tab)
Peter Herndon
Feb 9, 2017, 11:35:57 AM2/9/17
to Bitly API
Hi folks,
Yes, you found a regression where we broke CORS support for /v3/expand. We're implementing a fix which should be available within the next couple of days if all goes according to plan. I'll update the status here when the fix is rolled out.
Thank you very much for helping us make our service better!
Regards,
---Peter
Peter Herndon
Sr. Application Engineer
@Bitly
Peter Herndon
Feb 13, 2017, 2:49:42 PM2/13/17
to Bitly API
Hi folks,
We've deployed the fix for the CORS regression, please give it a try and let us know if you run into further issues. All our endpoints should once again support CORS.
Regards,
---Peter
Peter Herndon
Sr. Application Engineer
@Bitly
Andreas Ulmer
Feb 13, 2017, 3:30:27 PM2/13/17
to Bitly API
I can confirm CORS is working fine now as before for me.
Reply all
Reply to author
Forward
0 new messages