Access-Control-Allow-Origin header
220 views
Skip to first unread message
Evan Tschuy
Nov 18, 2015, 11:10:40 PM11/18/15
to World Bank API
Hello!
I'm working on something that I want to use your API for, but I'm trying to use it in the browser. Unfortunately, it looks like it's not set up with CORS, so whenever I try to get something from it I get a "No 'Access-Control-Allow-Origin' header is present" error.
Would it be possible to get this header added to the API? For a read-only API it should be safe to just set the header to *. Otherwise, anyone have any suggestions for what to do in the mean time? I was thinking of just setting up a lightweight proxy that just added the header I need.
Thanks!
Evan
Tim Herzog
Dec 24, 2015, 12:39:19 PM12/24/15
to World Bank API
Evan, we've implemented the CORS headers to support cross-domain requests, as per your suggestion. Thanks for bringing this up.
Cheers,
Tim
Feli Sánchez
Oct 5, 2016, 7:00:24 PM10/5/16
to World Bank API
Hi! I'm trying to use the API and I'm still getting the 'No Access-Control-Allow-Origin header is present" error. Is the CORS not working anymore???
Thank you for your help!
Tim Herzog
Oct 6, 2016, 6:47:11 AM10/6/16
to World Bank API
Hi Feli,
I just looked and the header is still there. What endpoint are you trying to use?
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2016 10:44:42 GMT
Content-Type: text/xml; charset=UTF-8
Content-Length: 25864
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: X-Requested-With
X-Powered-By: ASP.NET
eBrou
Jan 6, 2017, 11:56:56 PM1/6/17
to World Bank API
Hi Tim - I'm trying to use the climate data API and I'm also receiving the same error. Can you please advise?
Thanks in advance.
Tim Herzog
Jan 8, 2017, 11:27:02 PM1/8/17
to World Bank API
Hello,
It appears the access control headers aren't included in the climate API. I can pass this on to the developers tomorrow and see if it's possible to add them.
Sarven Capadisli
Jan 9, 2017, 3:02:15 AM1/9/17
to world-b...@googlegroups.com
You should make sure to use value of the client's Origin header in your
response for the Access-Control-Allow-Origin value. Leaving it at *
doesn't always work, especially if the client makes the request
withCredentials.
-Sarven
http://csarven.ca/#i
On 2017-01-09 05:27, Tim Herzog wrote:
> Hello,
>
> It appears the access control headers aren't included in the climate
> API. I can pass this on to the developers tomorrow and see if it's
> possible to add them.
>
> On Friday, January 6, 2017 at 11:56:56 PM UTC-5, eBrou wrote:
>
> Hi Tim - I'm trying to use the climate data API and I'm also
> receiving the same error. Can you please advise?
> Thanks in advance.
>
> On Thursday, October 6, 2016 at 3:47:11 AM UTC-7, Tim Herzog wrote:
>
> Hi Feli,
>
> I just looked and the header is still there. What endpoint are
> you trying to use?
>
> curl -si http://api.worldbank.org/v2/en/country
> <http://api.worldbank.org/v2/en/country>
>
> HTTP/1.1 200 OK
>
> Date: Thu, 06 Oct 2016 10:44:42 GMT
>
> Content-Type: text/xml; charset=UTF-8
>
> Content-Length: 25864
>
> Connection: keep-alive
>
> Access-Control-Allow-Origin: *
>
> Access-Control-Allow-Methods: GET
>
> Access-Control-Allow-Headers: X-Requested-With
>
> X-Powered-By: ASP.NET <http://ASP.NET>
> --
> You received this message because you are subscribed to the Google
> Groups "World Bank API" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to world-bank-ap...@googlegroups.com
> <mailto:world-bank-ap...@googlegroups.com>.
> For more options, visit https://groups.google.com/d/optout.
response for the Access-Control-Allow-Origin value. Leaving it at *
doesn't always work, especially if the client makes the request
withCredentials.
-Sarven
http://csarven.ca/#i
On 2017-01-09 05:27, Tim Herzog wrote:
> Hello,
>
> It appears the access control headers aren't included in the climate
> API. I can pass this on to the developers tomorrow and see if it's
> possible to add them.
>
> On Friday, January 6, 2017 at 11:56:56 PM UTC-5, eBrou wrote:
>
> Hi Tim - I'm trying to use the climate data API and I'm also
> receiving the same error. Can you please advise?
> Thanks in advance.
>
> On Thursday, October 6, 2016 at 3:47:11 AM UTC-7, Tim Herzog wrote:
>
> Hi Feli,
>
> I just looked and the header is still there. What endpoint are
> you trying to use?
>
> curl -si http://api.worldbank.org/v2/en/country
> <http://api.worldbank.org/v2/en/country>
>
> HTTP/1.1 200 OK
>
> Date: Thu, 06 Oct 2016 10:44:42 GMT
>
> Content-Type: text/xml; charset=UTF-8
>
> Content-Length: 25864
>
> Connection: keep-alive
>
> Access-Control-Allow-Origin: *
>
> Access-Control-Allow-Methods: GET
>
> Access-Control-Allow-Headers: X-Requested-With
>
> You received this message because you are subscribed to the Google
> Groups "World Bank API" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to world-bank-ap...@googlegroups.com
> <mailto:world-bank-ap...@googlegroups.com>.
> For more options, visit https://groups.google.com/d/optout.
eBrou
Jan 9, 2017, 10:14:00 PM1/9/17
to World Bank API
thank you!
fh
Jun 26, 2017, 9:29:38 AM6/26/17
to World Bank API
Hello,
I'm trying to access the GDP Data, but it seems that the CORS Headers are not set there:
http://api.worldbank.org/countries/de/indicators/NY.GDP.MKTP.CD?format=json
Can these please be added?
greetings
fabian
I'm trying to access the GDP Data, but it seems that the CORS Headers are not set there:
http://api.worldbank.org/countries/de/indicators/NY.GDP.MKTP.CD?format=json
| Connection | keep-alive |
| Content-Length | 7955 |
| Content-Type | application/json;charset=utf-8 |
| Date | Mon, 26 Jun 2017 13:05:17 GMT |
| Server | Apigee Router |
| Set-Cookie | TS019266c8=017189f9479f53a6dedf2b242e535b48b8befa2649e48d8d50013342847b37d3909d434659; Path=/ |
| X-Powered-By | ASP.NET |
Can these please be added?
greetings
fabian
Tim Herzog
Jun 27, 2017, 9:55:30 AM6/27/17
to World Bank API
Fabian,
Use this endpoint for CORS support (and add "/v2" to other endpoints):
Reply all
Reply to author
Forward
0 new messages