New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add CORS headers to the PeeringDB API responses #78
Comments
Should be able to drop in django-cors-headers |
fixed in 22679654 Added CORS headers for
|
Cool! It's great that you guys open up the db for CORS requests. Do you know when this change will go live? I just ran
|
There are no production releases planned for the remainder of 2017 - January seems likely. |
Looking at the milestone for 2.7.1 it looks like this was included - but I'm still getting a CORS error:
Edit: My bad, it looks like this is actually an issue with Firefox CORS policy. It's working just fine on Chrome 87 |
I'm having similar issues trying to use PeeringDB JSON trying to make a notebook in observablehq.com doing a fetch from peeringDB directly.
Looks like that doesn't have CORS header, notably the 'Access-Control-Allow-Origin: *' is missing as far as I understand CORS restrictions. |
Any reason you don't use the API directly, @emileaben? I.e. curl -sG https://peeringdb.com/api/ix --data-urlencode country=IN |
Because I tried to tackle this via the webUI. I went to advanced search, click around so I can search for IXP in country of choice, then found the download in JSON / CSV options. I know there is an API, but it has a gazillion end-points that I got lost in, but once you have it figured out (like your example) it totally makes sense. I've got my case solved, if you want to prevent people walking this path and getting stuck here (I'm not sure how special I am ;) ) it might make sense to have an 'API' option (green button), next to the download in CSV/JSON green buttons for the advanced search options in the webUI. |
Also, for API directly I didn't see the relevant CORS headers either:
|
@emileaben For the CURL requests, since there's no origin set on the request, we wouldn't expect to see a We created an issue about the possibility of enabling CORS on the advanced search. That issue will go through our normal process of approval / veto'ing and possibly end up in a future release. |
I was going to write a javascript widget that you could embed to any website and for that I need Cross-Origin Resource sharing. The Access-Control-Allow-Origin: * header should be added to API responses for this to work.
The text was updated successfully, but these errors were encountered: