No 'Access-Control-Allow-Origin' header is present - not allowed access

[peter duke]

Hello all!

I am trying to access a simple /listings/active get request. I can confirm that my access key works through tests on the browser search bar and the returned JSON object. When I try to make an asynchronous call through javascript I get this error. I have tried this request all sorts of ways including adding headers, jsonp, with axios or fetch. I didn't try jQuery ajax because I'm using React.js. Also I tried setting 'dataType: jsonp'

Has anyone run into this issue before?

Below is some details and snippets of code:

Error Messages:

XMLHttpRequest cannot load https://openapi.etsy.com/v2/listings/active?api_key={I_removed_my_key}. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is therefore not allowed access.

Code examples (All the different ways I tried to make the call):

[david olick]

You can't just do a GET to any url, your browser is blocking it.  You need to use JSONP.  You should look this up to understand it.

The basics of JSONP is that you create a script element with the src of an external site.  In the URL you provide a "callback" parameter that defines the function name.  The server's response calls the function with a JSON object as a parameter.

If you use jquery, it will hide most of the complexity of this:

$.getJSON("http://externalsite.com/blahblah?blah=thing&callback=?", function(response) {

   console.log(response);

   debugger;

});

--

David Olick

Oriku Inc.

--
You received this message because you are subscribed to the Google Groups "Etsy API" group.
To unsubscribe from this group and stop receiving emails from it, send an email to etsy-api-v2+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[m...@jamesmfriedman.com]

Related to this, I'm using JSONP for a client side api, but am trying to do some image manipulation using Canvas. Because of the browser CORS model, it throws a Canvas is tainted error.

Is there any possibility of the Access-Control-Allow-Origin being added to the static servers response headers so that the images can be manipulated via JS?

To unsubscribe from this group and stop receiving emails from it, send an email to etsy-api-v2...@googlegroups.com.