[annotator-dev] Access-Control-Allow-Origin error when using annotateit.org as the annotation store for my app
Rouan Wilsenach
rouanw at gmail.com
Tue May 14 06:21:35 UTC 2013
Sure thing. Thanks Randall.
Request:
Request URL:
http://annotateit.org/api/search?uri=http%3A%2F%2Flocalhost%3A3000%2F
<my-resource>%2F2
Request Headersview source
Accept:application/json, text/javascript, */*; q=0.01
Cache-Control:max-age=0
Origin:http://localhost:3000
Referer:http://localhost:3000/<my-resource>/2
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5)
AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.65 Safari/537.31
x-annotator-auth-token:eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJjb25zdW1lcktleSI6ImEzZmI1N2NiM2E0ZjQ0OTFhZmQ1YzMzYmYyNmVkNDAyIiwidXNlcklkIjoyMDksImlzc3VlZEF0IjoiMjAxMy0wNS0xNFQwNjoxMDowNVoiLCJ0dGwiOjg2NDAwfQ.R7h71yVZwSUm3OED6-kqPM3-jSQlnL0O50nObe4YcGY
Query String Parametersview sourceview URL encoded
uri:http://localhost:3000/<my-resource>/2
There are no response headers recorded in Firefox or Chrome. Just the 500
error code.
Chrome says the status of the GET is (cancelled) and the type is Pending.
The Initiator is jQuery - here is the js stack trace (I'm using the
minified source so it's probably not very helpful):
send at jquery.js:8435 <http://localhost:3000/assets/jquery.js?body=1>
jQuery.extend.ajax at jquery.js:7987<http://localhost:3000/assets/jquery.js?body=1>
b.Plugin.Store.d._apiRequest at annotator-full.min.js:12<http://localhost:3000/assets/annotator/annotator-full.min.js?body=1>
b.Plugin.Store.d.loadAnnotationsFromSearch at annotator-full.min.js:12<http://localhost:3000/assets/annotator/annotator-full.min.js?body=1>
b.Plugin.Store.d._getAnnotations at annotator-full.min.js:12<http://localhost:3000/assets/annotator/annotator-full.min.js?body=1>(anonymous
function)@annotator-full.min.js:11<http://localhost:3000/assets/annotator/annotator-full.min.js?body=1>
b.Plugin.Auth.d.setToken at annotator-full.min.js:11<http://localhost:3000/assets/annotator/annotator-full.min.js?body=1>(anonymous
function)@annotator-full.min.js:11<http://localhost:3000/assets/annotator/annotator-full.min.js?body=1>
fire at jquery.js:975 <http://localhost:3000/assets/jquery.js?body=1>
self.fireWith at jquery.js:1085 <http://localhost:3000/assets/jquery.js?body=1>
done at jquery.js:7804 <http://localhost:3000/assets/jquery.js?body=1>callback@
jquery.js:8519 <http://localhost:3000/assets/jquery.js?body=1>
Let me know if there's anything other info you may find helpful.
Thanks,
Rouan
On 13 May 2013 22:24, Randall Leeds <tilgovi at hypothes.is> wrote:
> Could you show us the request and response headers?
>
>
> On Mon, May 13, 2013 at 12:58 AM, Rouan Wilsenach <rouanw at gmail.com>wrote:
>
>> Hi all
>>
>> I was hoping someone could help me figure out CORS for my app. I'm using Annotator
>> 1.2.6 with annotateit.org as my backend store. I get the error below
>> when loading a page that uses annotator.
>> In Chrome:
>> XMLHttpRequest cannot load http://annotateit.org/api/search?uri=<http://annotateit.org/api/search?uri=http%3A%2F%2Flocalhost%3A3000%2Fpoems%2F404>
>> *<my-uri>*. Origin http://localhost:3000 <http://localhost/> is not
>> allowed by Access-Control-Allow-Origin.
>>
>> In Firefox the error is less descriptive:
>> "NetworkError: 500 Internal Server Error -
>> http://annotateit.org/api/search?uri=<my-uri>"
>>
>> I've tried this on localhost, using http://lvh.me and on my staging
>> environment - all with the same results.
>>
>> My javascript looks something like this:
>>
>> jQuery(function ($) {
>>> $('.annotated-content').annotator()
>>> .annotator('setupPlugins', {}, {
>>> Tags: false,
>>> Filter: false,
>>> Auth: {tokenUrl: '/auth/token'}
>>> });
>>> });
>>
>>
>> And I've implemented the auth/token endpoint like this (Rails):
>>
>> def token
>>> render :json => JWT.encode({
>>> :consumerKey => CONSUMER_KEY,
>>> :userId => session[:user_id],
>>> :issuedAt => Time.now.utc.iso8601,
>>> :ttl => CONSUMER_TTL
>>> }, CONSUMER_SECRET)
>>> end
>>
>>
>> From what I can tell, the annotator store is doing what it's meant to do
>> in terms of allowing cross-domain requests, in the after_request of
>> store.py, where the '/search' action lives (
>> https://github.com/okfn/annotator-store/blob/master/annotator/store.py).
>>
>> Any ideas for what I can try to address this or to debug it further?
>>
>> As an aside - is there a sandbox store available so that I don't have to
>> hit the real annotateit.org with all my test requests?
>>
>> Thanks,
>> Rouan
>>
>> _______________________________________________
>> annotator-dev mailing list
>> annotator-dev at lists.okfn.org
>> http://lists.okfn.org/mailman/listinfo/annotator-dev
>> Unsubscribe: http://lists.okfn.org/mailman/options/annotator-dev
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.okfn.org/pipermail/annotator-dev/attachments/20130514/e0200377/attachment-0002.html>
More information about the annotator-dev
mailing list