Jump to content

Enable CORS (Youtube API)

ricardolb

By ricardolb
in General

 Share

Recommended Posts

ricardolb Member

ricardolb

Posted
Posted

Hey guys, I am trying to reproduce youtube videos in an Unigui Application, I have it working to play the videos, the problem starts when I need to intercept the API events for when the State changes, eg: playback ended, playback stopped etc...

I get a console message "Access to XMLHttpRequest at 'https://googleads.g.doubleclick.net/pagead/id' from origin 'https://www.youtube.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource."

Is it possible to enable CORS in UniGUI?

Has anyone done something similar?

 

Thank you.

  • 1 year later...
irigsoft Advanced Member

irigsoft

Posted
Posted
On 8/5/2019 at 4:26 PM, ricardolb said:

Hey guys, I am trying to reproduce youtube videos in an Unigui Application, I have it working to play the videos, the problem starts when I need to intercept the API events for when the State changes, eg: playback ended, playback stopped etc...

I get a console message "Access to XMLHttpRequest at 'https://googleads.g.doubleclick.net/pagead/id' from origin 'https://www.youtube.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource."

Is it possible to enable CORS in UniGUI?

Has anyone done something similar?

 

Thank you.

Hello,

did You succeed with this problem ?

irigsoft Advanced Member

irigsoft

Posted
Posted

Enabling CORS is possible in server side.

Maybe this will help, from here: https://portswigger.net/web-security/cors/access-control-allow-origin

or here: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin

https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS

procedure TUniServerModule.UniGUIServerModuleHTTPCommand
  //enable CORS (XMLHttpRequest)
  AResponseInfo.CustomHeaders.AddValue('Access-Control-Allow-Origin', 'Server_URL');
  AResponseInfo.CustomHeaders.AddValue('Access-Control-Expose-Headers', '"Location, Warning, Etag"');
  AResponseInfo.CustomHeaders.AddValue('Access-Control-Allow-Origin-Headers', '"Accept, Content-Type, If-None-Match, X-If-None-Match"');
  AResponseInfo.CustomHeaders.AddValue('Access-Control-Allow-Headers', '"Content-Type, If-None-Match, X-If-None-Match, Authorization"');
  AResponseInfo.CustomHeaders.AddValue('Access-Control-Allow-Credentials', 'true');
  AResponseInfo.CustomHeaders.AddValue('Access-Control-Allow-Methods', 'GET');//,POST, DELETE, HEAD, OPTIONS
  AResponseInfo.CustomHeaders.AddValue('Access-Control-Max-Age', '86400');

not tested !!!

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...