[annotator-dev] Access-Control-Allow-Origin error when using annotateit.org as the annotation store for my app
Randall Leeds
tilgovi at hypothes.is
Tue May 14 22:52:28 UTC 2013
There have been periodic reports of 500 errors on annotateit calls. Nick
just gave me access to the production app so I can debug. I'll look into
this when I can.
On Mon, May 13, 2013 at 11:21 PM, Rouan Wilsenach <rouanw at gmail.com> wrote:
> Sure thing. Thanks Randall.
>
> Request:
>
> Request URL:
> http://annotateit.org/api/search?uri=http%3A%2F%2Flocalhost%3A3000%2F
> <my-resource>%2F2
> Request Headersview source
> Accept:application/json, text/javascript, */*; q=0.01
> Cache-Control:max-age=0
> Origin:http://localhost:3000
> Referer:http://localhost:3000/<my-resource>/2
> User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5)
> AppleWebKit/537.31 (KHTML, like Gecko) Chrome/26.0.1410.65 Safari/537.31
>
> x-annotator-auth-token:eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJjb25zdW1lcktleSI6ImEzZmI1N2NiM2E0ZjQ0OTFhZmQ1YzMzYmYyNmVkNDAyIiwidXNlcklkIjoyMDksImlzc3VlZEF0IjoiMjAxMy0wNS0xNFQwNjoxMDowNVoiLCJ0dGwiOjg2NDAwfQ.R7h71yVZwSUm3OED6-kqPM3-jSQlnL0O50nObe4YcGY
> Query String Parametersview sourceview URL encoded
> uri:http://localhost:3000/<my-resource>/2
>
> There are no response headers recorded in Firefox or Chrome. Just the 500
> error code.
>
> Chrome says the status of the GET is (cancelled) and the type is Pending.
> The Initiator is jQuery - here is the js stack trace (I'm using the
> minified source so it's probably not very helpful):
>
> send at jquery.js:8435 <http://localhost:3000/assets/jquery.js?body=1>
> jQuery.extend.ajax at jquery.js:7987<http://localhost:3000/assets/jquery.js?body=1>
> b.Plugin.Store.d._apiRequest at annotator-full.min.js:12<http://localhost:3000/assets/annotator/annotator-full.min.js?body=1>
> b.Plugin.Store.d.loadAnnotationsFromSearch at annotator-full.min.js:12<http://localhost:3000/assets/annotator/annotator-full.min.js?body=1>
> b.Plugin.Store.d._getAnnotations at annotator-full.min.js:12<http://localhost:3000/assets/annotator/annotator-full.min.js?body=1> (anonymous
> function)@annotator-full.min.js:11<http://localhost:3000/assets/annotator/annotator-full.min.js?body=1>
> b.Plugin.Auth.d.setToken at annotator-full.min.js:11<http://localhost:3000/assets/annotator/annotator-full.min.js?body=1> (anonymous
> function)@annotator-full.min.js:11<http://localhost:3000/assets/annotator/annotator-full.min.js?body=1>
> fire at jquery.js:975 <http://localhost:3000/assets/jquery.js?body=1>
> self.fireWith at jquery.js:1085<http://localhost:3000/assets/jquery.js?body=1>
> done at jquery.js:7804 <http://localhost:3000/assets/jquery.js?body=1>
> callback at jquery.js:8519 <http://localhost:3000/assets/jquery.js?body=1>
>
> Let me know if there's anything other info you may find helpful.
>
> Thanks,
> Rouan
>
>
> On 13 May 2013 22:24, Randall Leeds <tilgovi at hypothes.is> wrote:
>
>> Could you show us the request and response headers?
>>
>>
>> On Mon, May 13, 2013 at 12:58 AM, Rouan Wilsenach <rouanw at gmail.com>wrote:
>>
>>> Hi all
>>>
>>> I was hoping someone could help me figure out CORS for my app. I'm using Annotator
>>> 1.2.6 with annotateit.org as my backend store. I get the error below
>>> when loading a page that uses annotator.
>>> In Chrome:
>>> XMLHttpRequest cannot load http://annotateit.org/api/search?uri=<http://annotateit.org/api/search?uri=http%3A%2F%2Flocalhost%3A3000%2Fpoems%2F404>
>>> *<my-uri>*. Origin http://localhost:3000 <http://localhost/> is not
>>> allowed by Access-Control-Allow-Origin.
>>>
>>> In Firefox the error is less descriptive:
>>> "NetworkError: 500 Internal Server Error -
>>> http://annotateit.org/api/search?uri=<my-uri>"
>>>
>>> I've tried this on localhost, using http://lvh.me and on my staging
>>> environment - all with the same results.
>>>
>>> My javascript looks something like this:
>>>
>>> jQuery(function ($) {
>>>> $('.annotated-content').annotator()
>>>> .annotator('setupPlugins', {}, {
>>>> Tags: false,
>>>> Filter: false,
>>>> Auth: {tokenUrl: '/auth/token'}
>>>> });
>>>> });
>>>
>>>
>>> And I've implemented the auth/token endpoint like this (Rails):
>>>
>>> def token
>>>> render :json => JWT.encode({
>>>> :consumerKey => CONSUMER_KEY,
>>>> :userId => session[:user_id],
>>>> :issuedAt => Time.now.utc.iso8601,
>>>> :ttl => CONSUMER_TTL
>>>> }, CONSUMER_SECRET)
>>>> end
>>>
>>>
>>> From what I can tell, the annotator store is doing what it's meant to do
>>> in terms of allowing cross-domain requests, in the after_request of
>>> store.py, where the '/search' action lives (
>>> https://github.com/okfn/annotator-store/blob/master/annotator/store.py).
>>>
>>> Any ideas for what I can try to address this or to debug it further?
>>>
>>> As an aside - is there a sandbox store available so that I don't have to
>>> hit the real annotateit.org with all my test requests?
>>>
>>> Thanks,
>>> Rouan
>>>
>>> _______________________________________________
>>> annotator-dev mailing list
>>> annotator-dev at lists.okfn.org
>>> http://lists.okfn.org/mailman/listinfo/annotator-dev
>>> Unsubscribe: http://lists.okfn.org/mailman/options/annotator-dev
>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.okfn.org/pipermail/annotator-dev/attachments/20130514/dfd75049/attachment-0002.html>
More information about the annotator-dev
mailing list