In the example below I perform 2 Post Fetch requests. The function 'mdbSetFav' has no cors issues. But the function 'mdbCreateList' has cors issues. Yet the list gets created so I don't understand why I get an error?
mdbCreateList({context},data){
fetch(`${BaseURL}list?api_key=${APIKey}&session_id=${sessionStorage.getItem('sessionID')}`,{
method: 'POST',
headers: {
'Accept': 'application/json',
'Content-Type': 'application/json'
},
body: JSON.stringify(data)
})
.then(function(response) {
if (response.status === 401) {
console.log(response)
router.push('/login')
}
return response.text().then(function(text) {
let json = JSON.parse(text)
console.log(json)
return;
})})
.then(function(){
context.dispatch('mdbLists');
})
.catch(function(error){
console.error(error);
});
},
mdbSetFav({state},data){
console.log(JSON.stringify(data))
fetch(`${BaseURL}account/${state.account.id}/favorite?api_key=${APIKey}&session_id=${sessionStorage.getItem('sessionID')} `,{
method: 'POST',
headers: {
'Accept': 'application/json',
'Content-Type': 'application/json'
},
body: JSON.stringify(data)
})
.then(function(response) {
if (response.status === 401) {
console.log(response)
router.push('/login')
}
return response.text().then(function(text) {
let json = JSON.parse(text)
console.log(json)
return;
})})
.then(function(){
//context.dispatch('mdbLists');
})
.catch(function(error){
console.error(error);
});
},
The error:
Access to fetch at 'https://api.themoviedb.org/3/list?api_key=***&session_id=***' from origin 'http://localhost:8080' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled
and a warning:
Cross-Origin Read Blocking (CORB) blocked cross-origin response https://api.themoviedb.org/3/list?api_key=***&session_id=*** with MIME type application/json. See https://www.chromestatus.com/feature/5629709824032768 for more details.
Can anyone help me out?
Can't find a movie or TV show? Login to create it.
Want to rate or add this item to a list?
Not a member?
Reply by Travis Bell
on January 9, 2019 at 3:50 PM
Hi @RuneClaeys,
Indeed, it seems as though the
POST /3/list
method does not have the proper CORS headers added. I'll get them added and let you know when it is working.Thanks.
Reply by RuneClaeys
on January 10, 2019 at 4:07 AM
Thanks for the quick response. I've come across an other problem. Is it possible that there's an error with the DELETE a list call in version 3 of the API? It keeps telling me I'm not authorized even with a sessionID I just requested?
Reply by Travis Bell
on February 8, 2019 at 4:45 PM
I've created a new ticket that you can follow and vote on about the CORS issue here.
With regards to your second question, have completed step #2 in the walkthrough?
Reply by kibice
on June 27, 2019 at 5:00 AM
Hi @travisbell, Could you share roadmap when this fix will be available on production? Thank you in advance.
Reply by Travis Bell
on July 2, 2019 at 10:34 AM
Hi @kibice, you can follow the ticket above. That way you will be notified of any changes to it.
Reply by lawrencemhoni
on September 19, 2019 at 8:01 AM
Hello @travisbell I'm facing the same issue. How do I go about it?
Reply by Travis Bell
on September 20, 2019 at 6:11 PM
Hey @lawrencemhoni, the fix for this actually went live last week, I just hadn't updated the ticket yet. You can see here there is now the correct headers (
Access-Control-Allow-Origin
) being returned:Request
Response
Reply by lawrencemhoni
on September 21, 2019 at 12:45 PM
Fantastic! Thank you @travisbell
Reply by lawrencemhoni
on September 21, 2019 at 1:06 PM
@travisbell for a moment it worked... Maybe I did something right... But right now this is what is being returned.
Reply by Travis Bell
on September 21, 2019 at 2:43 PM
There's no session ID being specified in your request. You need to pass a approved session in as a
session_id
param.Reply by lawrencemhoni
on September 22, 2019 at 5:25 AM
@travisbell
returns
Reply by lawrencemhoni
on September 22, 2019 at 5:28 AM
@travisbell
As shown above, I would love to have my accountID so that I may access my watchlist using
If we can get this to work, you will be my hero of the day.