I upgrade discourse yesterday and I get all the API callbacks with error I have found that the problem is the autentications headers (1) but I trying with some calls and I get this error: Access to XMLHttpRequest at 'https://mydomain.com/notifications.json?username=admin' from origin 'https://mydom…

You may need to have CORS setup in your site settings?

Yes, I have added the domain where I call the API in discourse settings, but that error about field api-username, I dont know when I have to resolve.

[图片] pablogg: I using Vue "Api-Key":"xxxxxxxxxxxxxxxxx", "Api-Username": "system", You are putting your system API key in client side code? :scream: This means that anyone can grab it from your Javascript code and use it to completely own your forum. Any Ajax HTTP requests to Discourse sh…

Not just a testing , I am using the username Vue.http .get( "https://discourse.mydomain.com/notifications.json?username="+input.username, { headers: { "Api-Key":"xxxxxxxxxxxxxxxxxxxxxx", "Api-Username": input.username } } ) But I g…

Let me repeat what I said: [图片] RGJ: Any Ajax HTTP requests to Discourse should be leveraging an existing session That means: no authentication headers. At all.

You really should not be using these API credentials for CORS requests which is why that header field is not allowed. [图片] CORS error accessing API from javascript application dev Oh, so you are trying to make this request from a client-side javascript application? That i…

I have read the User API keys specification … In my case I have SSO with a frontend app in javascript, Could I consuming the API without using the authorization UI for every user? I would like a way that a could use de api-username … is that possible? Regards

could you solve this? Thank you!

In the end, I went back to the previous version of Discourse so I didn’t have to change all the API integration

更新 Discourse 后 API 出现 Access-Control-Allow-Headers CORS 错误

支持

blake (Blake Erickson) 2020 年4 月 12 日 18:24 7

您确实不应该将这些 API 凭据用于 CORS 请求，这就是为什么不允许该标头字段。

不过，我们允许在 CORS 中使用 user-api 标头：

3 个赞

话题		回复	浏览量
CORS error accessing API from javascript application Development	11	3801	2023 年4 月 9 日
API CORS Headers Incorrect Support	11	3003	2023 年6 月 8 日
Having issue accessing the Discourse APIs from react app Development rest-api	6	853	2023 年4 月 10 日
Getting an error while trying to fetch individual posts General	1	888	2022 年4 月 14 日
Issue with Api Development	1	898	2022 年8 月 16 日

更新 Discourse 后 API 出现 Access-Control-Allow-Headers CORS 错误

相关话题