Hello,
I have a script calling google places api and the response does not seem to return the appropriate headers to comply with CORS and cross-domain data access.
Here's what I have, can someone please tell me what I'm doing wrong so that the google response handles and complies with CORS.
Thanks
javascript:
var xhr = new XMLHttpRequest();
xhr.open("GET", 'https://maps.googleapis.com/maps/api/place/queryautocomplete/json?input={' + searchString + '}&types=address&language=en&crossDomain=true&key=[ourKey]', true);
xhr.onload = function () {
var response = JSON.parse(xhr.responseText);
//do something with the response
};
xhr.send();
Errors:
SEC7120: Origin http://[ourUrl] not found in Access-Control-Allow-Origin header.
File: ClientApiWrapper.aspx
Request Headers:
Request: GET /maps/api/place/queryautocomplete/json?input={55%20saddl}&types=address&language=en&crossDomain=true&key=[ourKey] HTTP/1.1
Accept: /
Referer: http://[ourURL]/[ourOrg]/form/ClientApiWrapper.aspx?ver=1166920881
Accept-Language: en-CA
Origin: http://[ourURL]
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: maps.googleapis.com
Connection: Keep-Alive
Cache-Control: no-cache
Response Headers:
Response: HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
Date: Wed, 25 Apr 2018 16:26:36 GMT
Expires: Wed, 25 Apr 2018 16:31:36 GMT
Cache-Control: public, max-age=300
Server: scaffolding on HTTPServer2
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Hello,
I have a script calling google places api and the response does not seem to return the appropriate headers to comply with CORS and cross-domain data access.
Here's what I have, can someone please tell me what I'm doing wrong so that the google response handles and complies with CORS.
Thanks
javascript:
Errors:
SEC7120: Origin http://[ourUrl] not found in Access-Control-Allow-Origin header.
File: ClientApiWrapper.aspx
Request Headers:
Request: GET /maps/api/place/queryautocomplete/json?input={55%20saddl}&types=address&language=en&crossDomain=true&key=[ourKey] HTTP/1.1
Accept: /
Referer: http://[ourURL]/[ourOrg]/form/ClientApiWrapper.aspx?ver=1166920881
Accept-Language: en-CA
Origin: http://[ourURL]
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko
Host: maps.googleapis.com
Connection: Keep-Alive
Cache-Control: no-cache
Response Headers:
Response: HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
Date: Wed, 25 Apr 2018 16:26:36 GMT
Expires: Wed, 25 Apr 2018 16:31:36 GMT
Cache-Control: public, max-age=300
Server: scaffolding on HTTPServer2
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN