Trying to create an issue from angularjs using rest api throwing 403 forbidden error. New to this, any help would be appreciated.
error:
Response to preflight request doesn't pass access control check: No
'Access-Control-Allow-Origin' header is present on the requested
resource. Origin 'http://localhost:8080' is therefore not allowed
access. The response had HTTP status code 403.
$http({
method: "POST",
url: 'https://jira.ab.com/rest/api/2/search',
beforeSend: function(xhr) {
xhr.setRequestHeader("Authorization", "Basic " +
btoa('abc#ab.com' + ":" + '***'));
},
headers: {
'Content-Type': 'application/json'
},
data: JSON.stringify({
jql: {
project: "JQR",
maxResults: 20,
}
})
}).then(function successCallback(response) {
return response.data;
}, function errorCallback() {
console.log("Error calling API")
});
Related
I have searched for the answer but nothing helped. Please suggest me with a solution, when I try to shorten the url with bitly and vue js I get 403 error.
axios api:
const headers = {
'Authorization': `Bearer ${myToken}`,
"Access-Control-Allow-Origin": "*",
"Content-Type": "application/json",
'Access-Control-Allow-Credentials':true
};
const dataString =
'{ "long_url": "https://dev.bitly.com", "domain": "bit.ly", "group_guid": "Ba1bc23dE4F" }';
axios
.post("https://api-ssl.bitly.com/v4/shorten", {
headers: headers,
body: dataString,
})
.then(function (response) {
if (response.status == 200) {
console.log(response);
} else {
console.log("Opps dude, status code != 200 :( ");
}
})
.catch(function (error) {
console.log("Error! " + error);
});
I have changed code according proposal in the comments. But the same 403 error.
I have just received bitly support email that it is not working because I use group_id. "... "Ba1bc23dE4F" is a placeholder value in our documentation to show where your group GUID would be passed if you have an account with multiple groups. In your case, you can remove this whole value and simply pass a body with:
{ "long_url": "https://dev.bitly.com", "domain": "bit.ly" }"
I get a CORS error and most likely is from X-Socket-Id. I tried to remove X-Socket-Id from Request Headers, but is not working..
.... has been blocked by CORS policy: Request header field x-socket-id is not allowed by Access-Control-Allow-Headers in preflight response.
.get(this.$URL + "/search/", {
params: {
q: this.search,
},
headers: {
Authorization: "Basic " + btoa(this.$KEY+ ":"),
},
transformRequest: (data, headers) => {
delete headers.common["X-Socket-Id"];
return data;
},
})
I found out a solution. Create axios with default settings, and for my specific case I had to remove X-Requested-With.
X-Sockets-Id, was already removed in my request.
var instance = axios.create();
delete instance.defaults.headers.common["X-Requested-With"];
instance
.get(this.$URL+ "/search/", {
params: {
q: this.search_for_company,
},
headers: {
Authorization: "Basic " + btoa(this.$KEY+ ":"),
},
})
I was able to access vsrm.dev.azure.com API via $.ajax.get calls
i.e. https://vsrm.dev.azure.com/microsoft/***/_apis/release/definitions/****
Now I'm starting to get CORS error:
Access to XMLHttpRequest at 'https://vsrm.dev.azure.com/microsoft//_apis/release/definitions/' from origin 'http://localhost:8080' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Any ideas how to fix this?
The ajax get still work for me now without any error message. Since you did not share any code of yours, here I just provide you mine:
<script type="text/javascript">
$(document).ready(function () {
$("#click").on("click", function () {
$.ajax({
type: 'GET',
url: 'https://vsrm.dev.azure.com/{org}/{project name}/_apis/release/definitions/{id}?api-version=5.1',
cache: false,
dataType: 'json',
beforeSend: function (xhr) {
xhr.setRequestHeader("Authorization", "Basic " + btoa("" + ":" + "{PAT token}"));
},
}).done(function (data) {
alert(data);
}).error(function (e) {
var s = "error error error";
});
})
});
</script>
You can try with mine to see whether it is work for you.
Update:
I cover my org name, project name, release definition id and my PAT token in my script, please replace it with your available values.
I am using react as a front end for a wordpress site. From a form i am trying to POST data to wordpress using axios and the wp-api. Below is how I am trying to do this, but I keep getting:
code: "rest_cannot_create", message: "Sorry, you are not allowed to
create posts as this user.",…} code : "rest_cannot_create" data :
{status: 401} message : "Sorry, you are not allowed to create posts as
this user."
const AUTH_OBJ = 'OAuth oauth_consumer_key="hMZQANcBegerge",oauth_token="eger",oauth_signature_method="HMAC-SHA1",oauth_timestamp="1496325588",oauth_nonce="oligrgGalWv",oauth_version="1.0",oauth_signature="v%2f4tiFyH1H46XKBXp6orthejy8Q44%253D"';
const URL = 'http://TEST.COM/wp-json/wp/v2/TEST';
axios.post(URL,
querystring.stringify({
name: this.props.name
}), {
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Authorization': AUTH_OBJ
}
}).then((response) => {
console.log('Response: ', response);
if(response.status === 200) {
console.log('RESPONSE 200');
}
});
I have it working using PostMan but cannot get this to work otherwise.
p.s All tokens etc in this post are just made up for example.
I'm new to SharePoint development. I'm Trying to develop simple SharePoint App using SharePoint online. I have a List named 'Products' in my site collection. In my app I wrote the following code to add and delete items to that list
function addProduct(product) {
var executor;
executor = new SP.RequestExecutor(appwebUrl);
var url = appwebUrl +"/_api/SP.AppContextSite(#target)/web/lists/getbytitle('Products')/items/?#target='" + hostwebUrl+"'";
executor.executeAsync({
url: url,
method: "POST",
body: JSON.stringify({__metadata: { type: 'SP.Data.ProductsListItem' },
Title: product.ProductName(),
ProductId: product.ProductId(),
ProductName: product.ProductName(),
Price:product.Price()
}),
headers: {
"Accept": "application/json; odata=verbose",
"content-type": "application/json;odata=verbose",
},
success: successProductAddHandler,
error: errorProductAddHandler
});
}
function successProductAddHandler(data) {alert('added successfully') }
function errorProductAddHandler(data, errorCode, errorMessage) { alert('cannot perform action') }
function deleteProduct(product) {
var executor;
executor = new SP.RequestExecutor(appwebUrl);
var url=appwebUrl+"/_api/SP.AppContextSite(#target)/web/lists/getbytitle('Products')/items('" + product.ID() + "')/?#target='" + hostwebUrl + "'";
executor.executeAsync({
url: url,
method: "POST",
headers: {
"IF-MATCH": "*",
"X-HTTP-Method": "DELETE"
},
success: successProductAddHandler,
error: errorProductAddHandler
});`
Im getting 403 error code when I call addProduct,
and 400 error code when I call deleteProduct.
I'm able to get the list items and display.
I tried adding X-RequestDigest": $("#__REQUESTDIGEST").val() but it did not work
If I include "Accept": "application/json; odata=verbose" in a request header for deleteProduct(), and when I call deleteProduct, two requests are going to server
/sites/productsdev/productsapp/_api/contextinfo (getting digest value)
/sites/ProductsDev/ProductsApp/_api/SP.AppContextSite(#target)/web/lists/getbytitle('Products')/items(itemid)/?#target='mysitecollectionurl' (using the digest value returned by the above call for X-RequestDigest)
Whenever you are doing any POST operation in SharePoint 2013 using REST API you have to pass below snippet in header
"X-RequestDigest": $("#__REQUESTDIGEST").val()
eg
headers: { "Accept": "application/json;odata=verbose",
"X-RequestDigest": $("#__REQUESTDIGEST").val() }