mav.3904:

Hi,

this is my first try to make an app using the GW2 API. Every time i tested my code in Firefox a Cross-Origin error pops up.

This is my simple code


      var config = {
		headers: {
			'Access-Control-Allow-Origin': '*',
			'Authorization': 'Bearer TOKEN ID'
			
		}
	};
	
	$http.get('https://api.guildwars2.com/v2/commerce/transactions/history/sells',config)
	.success(function(data) {
		$scope.output = "success";
	}).error(function (data) {
		$scope.output = "Request failed";
		console.log(JSON.stringify(data));
	});

If i use jsonp instead of method get i get a 403 forbidden as response.

Does anyone have an idea what I’m doing wrong?

p.s.
I build my apps with the ionic framework and angularJS.

best regards
mav

Wizeon.3852:

I’m not sure if that’s a firefox specific problem, but here’s my ajax function stripped of my own stuff.

And here’s a link to the dev response about using headers or get parameters https://forum-en.guildwars2.com/forum/community/api/Launching-v2-commerce-transactions/5077482

anetAjax(“transactions/current/buys”, function(response) {
console.log(response);
});

function anetAjax(url, successFunction, errorFunction) {
if(config[‘apiKey’]) {
$.ajax({
url: ‘https://api.guildwars2.com/v2/commerce/’+url+’?access_token=‘+config[’apiKey’],
success: function(response) {
if(typeof(successFunction) == “function”) {
successFunction(response);
}
},
error: function(response, status) {
console.log(“Error retrieving data from the server”);
if(typeof(errorFunction) == “function”) {
errorFunction();
}
}
});
}
else {
console.log(“ERROR: Api key not set”);
if(typeof(errorFunction) == “function”) {
errorFunction();
}
}
}

edit: can’t figure out how to make a code block, indentation doesn’t really work now…

smiley.1438:

@mav: you have to include the token into the URL using the “access_token” parameter. A cross origin request won’t work with extra headers. (see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS#Simple_requests )

(also “Access-Control-Allow-Origin” is a header a server has to respond with)