Could you add the following HTTP header to the API's HTTP responses?
Access-Control-Allow-Origin: *
This header will allow XMLHttpRequest L2 and XDomainRequest to access the API via client side javascript.
More info: http://en.wikipedia.org/wiki/XMLHttpRequest#Cross-domain_requests http://dvcs.w3.org/hg/cors/raw-file/tip/Overview.html#access-control-allow-origin-response-header http://msdn.microsoft.com/en-us/library/hh673569(v=vs.85).aspx#cors_xhr
Message edited by Dave 3 weeks ago
Dave – 1 year ago
Love the site btw! =)
hubtomato – 11 months ago
Yes, this would be very useful. Using CORS headers avoids the need for JSONP, thus making the use of the RottenTomatoes API more secure.
Simply add "Access-Control-Allow-Origin: *" to the HTTP headers of all JSON responses, to allow cross-domain requests.
jonbcamposDedo – 3 weeks ago
was this ever done? I'm guessing no as I'm getting errors:
XMLHttpRequest cannot load http://api.rottentomatoes.com/api/public/v1.0/lists/movies/in_theaters.json?apikey={mykey}&limit=10. Origin http://{myurl} is not allowed by Access-Control-Allow-Origin.
Please sign in to add a post.
Could you add the following HTTP header to the API's HTTP responses?
Access-Control-Allow-Origin: *
This header will allow XMLHttpRequest L2 and XDomainRequest to access the API via client side javascript.
More info: http://en.wikipedia.org/wiki/XMLHttpRequest#Cross-domain_requests http://dvcs.w3.org/hg/cors/raw-file/tip/Overview.html#access-control-allow-origin-response-header http://msdn.microsoft.com/en-us/library/hh673569(v=vs.85).aspx#cors_xhr
Message edited by Dave 3 weeks ago
Tags
Dave – 1 year ago
Love the site btw! =)
hubtomato – 11 months ago
Yes, this would be very useful. Using CORS headers avoids the need for JSONP, thus making the use of the RottenTomatoes API more secure.
Simply add "Access-Control-Allow-Origin: *" to the HTTP headers of all JSON responses, to allow cross-domain requests.
jonbcamposDedo – 3 weeks ago
was this ever done? I'm guessing no as I'm getting errors:
XMLHttpRequest cannot load http://api.rottentomatoes.com/api/public/v1.0/lists/movies/in_theaters.json?apikey={mykey}&limit=10. Origin http://{myurl} is not allowed by Access-Control-Allow-Origin.