Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

CORS Error on Wikipedia API

I am a little confused about how to handle a wikipedia api call in react. I keep running into this error:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource(...)

Right now, I am running an action upon submitting a form, the form takes the form input value and inserts that into the Wikipedia api URL. I have tried using JSONP, but I really would prefer not to use that since I have heard it is super hacky.

actions/index.js

import axios from 'axios';

const WIKI_URL = "https://en.wikipedia.org/w/api.php?action=query&format=jsonp&list=search&titles=";
const FETCH_ARTICLES = 'FETCH_ARTICLES';

export function fetchArticles(term) {
  const url = `${WIKI_URL}${term}`;
  const request = axios.get(url);

  return {
    type: FETCH_ARTICLES,
    payload: request
  }

I can definitely add more code if necessary, but from what I can tell, this is where the problem lies.

edit: If I had to use JSONP, I still have not been able to. I believe that axios does not support JSONP, would there be a better library to use? Why do some APIs have a Cross Origin Reference Error while others do not?

like image 793
Sam Avatar asked Feb 16 '17 19:02

Sam


People also ask

How do I get rid of cross-origin error?

To get rid of a CORS error, you can download a browser extension like CORS Unblock ↗. The extension appends Access-Control-Allow-Origin: * to every HTTP response when it is enabled. It can also add custom Access-Control-Allow-Origin and Access-Control-Allow-Methods headers to the responses.

How do I fix CORS error in HTML?

to fix the error, you need to enable CORS on the server. The client expects to see CORS headers sent back in order to allow the request. It might even send a preflight request to make sure that the headers are there. You can enable CORS server side for one, multiple, or all domains hitting your server.

What is CORS in web API?

Cross-origin resource sharing (CORS) is a browser security feature that restricts cross-origin HTTP requests that are initiated from scripts running in the browser. If your REST API's resources receive non-simple cross-origin HTTP requests, you need to enable CORS support.

What is CORS origin error?

The CORS behavior, commonly termed as CORS error, is a mechanism to restrict users from accessing shared resources. This is not an error but a security measure to secure users or the website which you are accessing from a potential security bleach.


1 Answers

Drop format=jsonp and add origin=* to the query params in the WIKI_URL value:

const WIKI_URL = "https://en.wikipedia.org/w/api.php?origin=*&action=query…";

See the CORS-related docs for the Wikipedia backend:

For anonymous requests, origin query string parameter can be set to * which will allow requests from anywhere.

As far as the format param, JSON output is the default, so you don’t need to specify that.

like image 94
sideshowbarker Avatar answered Oct 06 '22 20:10

sideshowbarker