Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Cross origin GET from local file://

Tags:

javascript

ajax

jsonp

cross-domain

github-api

I'm trying to build an html file to monitor some things on a remote site- specifically, github.com. I'd like to be able to keep it to just that flat file, making the requests straight from the JS to github's API. My thought process went like this:

  1. Let's use jsonp, since I only need read access, so sticking with GETs should be fine.
    • That fails because you can't do basic authentication with jsonp.
  2. Ok, I'll use Github's OAuth instead of basic authentication!
    • That fails because the browser doesn't like me redirecting to a local resource: Not allowed to load local resource: file:///Users/... for understandable security reasons.
  3. Ok, I'll load Github's oauth in an iFrame, then get the resulting url (which should contain the oauth code I need).
    • That fails because you apparently can't access anything about a child iframe if it's on another domain, so unless I redirect back to file:///whatever, I can't get the final url. And, of course, I can't redirect to file:///whatever because of the ``Not allowed to load local resource` again.
  4. Ok, I'll use Cross-Origin Resource Sharing (going back to basic auth again)!
    • That fails because CORS from a file:/// url send the origin header as null, which servers won't accept

So, any suggestions as to how to successfully authenticate to this api from a single, local html file- either as a way around the above tacts, or another idea entirely?

like image 448
Fishtoaster Avatar asked Nov 19 '11 05:11

Fishtoaster

People also ask

How do you solve CORS request not HTTP?

Reason: CORS request not HTTP This often occurs if the URL specifies a local file, using a file:/// URL. To fix this problem, make sure you use HTTPS URLs when issuing requests involving CORS, such as XMLHttpRequest , Fetch APIs, Web Fonts ( @font-face ), and WebGL textures, and XSL stylesheets.

How do I fix cross origin requests are only supported for protocol schemes?

Just change the url to http://localhost instead of localhost . If you open the html file from local, you should create a local server to serve that html file, the simplest way is using Web Server for Chrome . That will fix the issue.

Does CORS require https?

CORS requests may only use the HTTP or HTTPS URL scheme, but the URL specified by the request is of a different type. This often occurs if the URL specifies a local file, using the file:/// scheme.

1 Answers

If you are using google chrome you could try running it with the

--allow-file-access-from-files

switch enabled.

like image 152
Esailija Avatar answered Oct 04 '22 21:10

Esailija
Sign in to Comment

Related questions

Where to put javascript and how to handle events [closed]
Help me understand JS + CSS + HTML = Cool UI [closed]
Diagonal Column Headers
Android WebView + loadUrl with javascript + onPageFinished = lag
Unlimited-size base conversion?
SVG/VML browser compatibility table
Winnovative HTML to PDF converter
javascript image onError in case of non 200 response
Modernizr 2 enabled blank pages in several browsers
Javascript cross-browser input layer
jquery mouse move capture inaccuracy
What are good combinations of Scala + Web framework + Javascript framework? [closed]
Is a Youtube buffer finish event possible
How to rotate image in relation to mouse position?
How do you inspect a javascript timeout using Firebug?
offsetHeight and offsetWidth calculating incorrectly on first onclick event, not second
Modifying the tablefilter jQuery plugin
interactive _standalone_ output from matplotlib
Which browsers support triggering click event on input[type="file"] elements?
Make the script better. The smoke is not smoothing enough

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!