Question about CORS #90
Comments
Hi, take a look here: https://github.com/wordnik/swagger-core/wiki/CORS for point 2, you simply need to add the headers when writing the response back to the client. If you're using the swagger-node-express module, it'll add them automatically: https://github.com/wordnik/swagger-node-express/blob/master/Common/node/swagger.js#L74 |
Hi, Fehguy Thank you for such a quick response. What I had done before were
In '3)', as i explained what i have done before, wiki/CORS and you're telling me that Thank you for your patience. |
That is correct. The CORS support has to be on the remote server, not the server providing the swagger-ui. |
Thank you for your hard work and great sharing, first of all.
I'm trying to adopt swagger(swagger-node-express) in my API service
as a consolidate API documentations and demo framework.
Every call of APIs in my API gateway must be referenced (i mean " be called")
in remote server(resource provider).
As a simple test, I tried to call one of them in Swagger API explorer.
("input_baseUrl" of index.html(swagger-ui)
then i got the following errors from the above trial,
(from Chrome debugger)
....
XMLHttpRequest cannot load http://ktas.konantech.com/ktas-api/1.0/lists/buzzcnt.json?api_key=pet. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://10.10.17.148:8001' is therefore not allowed access. (index):1
Unable to Load SwaggerUI (index):33
Can't read from server. It may not have the appropriate access-control-origin settings. (index):34
Uncaught Can't read from server. It may not have the appropriate access-control-origin settings. swagger.js:213
XMLHttpRequest cannot load http://ktas.konantech.com/ktas-api/1.0/lists/buzzcnt.json?api_key=pet. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://10.10.17.148:8001' is therefore not allowed access. (index):1
Unable to Load SwaggerUI (index):33
Can't read from server. It may not have the appropriate access-control-origin settings. (index):34
Uncaught Can't read from server. It may not have the appropriate access-control-origin settings. swagger.js:213
XMLHttpRequest cannot load http://ktas.konantech.com/ktas-api/1.0/lists/buzzcnt.json?api_key=pet. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://10.10.17.148:8001' is therefore not allowed access. (index):1
Unable to Load SwaggerUI (index):33
Can't read from server. It may not have the appropriate access-control-origin settings. (index):34
Uncaught Can't read from server. It may not have the appropriate access-control-origin settings. swagger.js:213
XMLHttpRequest cannot load http://ktas.konantech.com/ktas-api/1.0/lists/buzzcnt.json?api_key=pet. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://10.10.17.148:8001' is therefore not allowed access. (index):1
Unable to Load SwaggerUI (index):33
Can't read from server. It may not have the appropriate access-control-origin settings. (index):34
Uncaught Can't read from server. It may not have the appropriate access-control-origin settings.
....
My questions are
What exactly are the errors telling me?
I know it's related CORS problem but i couldn't figure it out clearly.
If I have the similar situation in production,
where do i have to put the codes like this ?
(i added it in main.js (Apps\petstore\main.js) )
swagger.setHeaders = function setHeaders(res) {
res.header('Access-Control-Allow-Origin', "*");
res.header("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT");
res.header("Access-Control-Allow-Headers", "Content-Type, X-API-KEY");
res.header("Content-Type", "application/json; charset=utf-8");
};
Thanks again.
The text was updated successfully, but these errors were encountered: