• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Rob Spoor
  • Tim Cooke
  • Junilu Lacar
Sheriffs:
  • Henry Wong
  • Liutauras Vilda
  • Jeanne Boyarsky
Saloon Keepers:
  • Jesse Silverman
  • Tim Holloway
  • Stephan van Hulst
  • Tim Moores
  • Carey Brown
Bartenders:
  • Al Hobbs
  • Mikalai Zaikin
  • Piet Souris

SteamAPI

 
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hi guys we are trying to get our users stats from the steamWeb api using ajax
I am having difficulty getting the script to work as with CORS cross domain.



Using the log on Chrome i can see this error

XMLHttpRequest cannot load http://api.steampowered.com/ISteamUser/GetFriendList/v0001/?key=31xxxxxxxxxx0&steamid=76561197960435530&relationship=friend. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://evo4ever.me' is therefore not allowed access. The response had HTTP status code 500.

we have added

<filter>
 <filter-name>CorsFilter</filter-name>
 <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
 <init-param>
   <param-name>cors.allowed.origins</param-name>
   <param-value></param-value>
 </init-param>
 <init-param>
   <param-name>cors.allowed.methods</param-name>
   <param-value>GET,POST,PUT</param-value>
 </init-param>
 <init-param>
   <param-name>cors.allowed.headers</param-name>
   <param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>
 </init-param>
 <init-param>
   <param-name>cors.exposed.headers</param-name>
   <param-value></param-value>
 </init-param>
 <init-param>
   <param-name>cors.support.credentials</param-name>
   <param-value>true</param-value>
 </init-param>
 <init-param>
   <param-name>cors.preflight.maxage</param-name>
   <param-value>180</param-value>
 </init-param>
</filter>
<filter-mapping>
 <filter-name>CorsFilter</filter-name>
 <url-pattern>/*</url-pattern>
</filter-mapping>

to the webXML but we still seem to not be allowed to do this.

Burning my head out i think the way the headers are done is the issue but i dont seem to be able to figure it out any help would be much appreciated.
 
Marshal
Posts: 22444
121
Eclipse IDE Spring VI Editor Chrome Java Windows
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Welcome to the Ranch!

Christopher Roberts wrote:


Your allowed origins list is empty, and therefore http://evo4ever.me is not allowed. Try adding it to that list.
 
Christopher Roberts
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi m8 thanks for the responce. I have hadded http://evo4ever.me to the filter buts same issue. I would like to show you the full code incase we are doing the headers wrong.
so we are trying to send a users video to our file server as our web server is on a much slower connection and has smaller disk space.
The idear being they can upload and it be sent straight to remote server.

Servlet for userVideoUpload


This being hosted on the remote server.
Then we have our upload page.



and finally our web.xml from the remote server



thanks again for any help you can give us it really should be working
 
Rob Spoor
Marshal
Posts: 22444
121
Eclipse IDE Spring VI Editor Chrome Java Windows
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Christopher Roberts wrote:


What is this code supposed to do? Are you aware that that method is executed after the CORS filter has already done its work, and therefore will not have any effect on what the CORS filter does?

Anyway, I suggest setting your debugger to work, and find out what the CORS filter does. In fact, it wouldn't surprise me if the filter isn't even triggered. After all, it's the remote call to api.steampowered.com that fails. Your CORS filter only works on requests to your own site.
 
Rob Spoor
Marshal
Posts: 22444
121
Eclipse IDE Spring VI Editor Chrome Java Windows
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Have you read https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS? I did a quick scan, and it showed me that Access-Control-Allow-Origin should be a response header. You're sending it as a request header though.
 
Don't get me started about those stupid light bulbs.
reply
    Bookmark Topic Watch Topic
  • New Topic