Getting Cross Origin Block Request [CORS] error when using .getJSON to get Play Store App Details

Question

So basically i was using 42matters.com APP market API to get the app details or information from the google play store, everything was working fine and i was getting the JSON response back, but when i came back to office after weekend holidays, this rather strange error came and nothing was being returned.

I have used $.getJSON function like:

var packageID = 'com.whatsapp';
   $.getJSON('https://42matters.com/api/1/apps/lookup.json?p='+packageID+'&access_token=accesstoken1234')
.done(function(appDetails) {
            $('#logo').html(JSON.stringify(appDetails));
        });

As mentioned this was returning the data and i was able to change everything accordingly but now it is giving me this error for no reason at all

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://42matters.com/api/1/apps/lookup.json?p=com.whatsapp&access_token=accesstoken1234. This can be fixed by moving the resource to the same domain or enabling CORS

i have enabled the CORS using PHP, and nothing happended, tried to change the conf file of apache to enable CORS there but the service wont restart with this, so i am stuck.

One more thing, when i manually enter the above link in the browser, it does give the desired result. Please help me resolve it

Answer 1

CORS is blocked in browser side that won't allow AJAX to request data from another domain. You should contact the 42matters.com team to open the crossdomain.xml for you like this CORS jQuery AJAX request or Can someone post a well formed crossdomain.xml sample?

Or the workaround for AJAX Cross-Domain is JSONP: jQuery AJAX cross domain but the API should support this kind of request.

The last thing is don't use AJAX to collect data from another sources, if it is mobile platform, it should have native HTTP Request object to do this

Answer 2

I know it's old technology, but some of us still have to deal with this.

If you're dealing with an IIS6 web server:

• Open Internet Information Service (IIS) Manager
• Right click the site you want to enable CORS for and go to Properties
• Change to the HTTP Headers tab
• In the Custom HTTP headers section, click Add
• Enter Access-Control-Allow-Origin as the header name
• Enter * as the header value
• Click Ok twice

IIS7 – Add this to your web.config

<?xml version="1.0" encoding="utf-8"?>
<configuration>
 <system.webServer>
   <httpProtocol>
     <customHeaders>
       <add name="Access-Control-Allow-Origin" value="*" />
     </customHeaders>
   </httpProtocol>
 </system.webServer>
</configuration>