search

Alfanous-team / alfanous

Alfanous is an Arabic search engine API provides the simple and advanced search in Quran , more features and many interfaces...
http://www.alfanous.org/
GNU Affero General Public License v3.0
254 stars 89 forks source link

Cross-Origin Request Blocked #470

Closed mdbadawi closed 6 years ago

mdbadawi commented 7 years ago

Asslam alikum i was trying to develop a chrome extension using your json But its not allawed and seems to have to install my own copy of django app it would be nicer if you allawed cross origin request ,thx

sneetsher commented 6 years ago

I'm not familiar with such issue. Reading web about it.

When I query: http://www.alfanous.org/jos2/?query=Allh

Response Headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Content-Language: en
Content-Security-Policy: default-src 'none' ; script-src resource:; 
Content-Type: application/json
Date: Tue, 22 May 2018 15:39:47 GMT
Vary: Accept-Language, Cookie
Via: 1.1 alproxy
charset: utf-8

Request Headers:

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.5
Connection: keep-alive
DNT: 1
Host: www.alfanous.org
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:60.0) Gecko/20100101 Firefox/60.0

Are not the line below enough to make browser allow CORS?

Access-Control-Allow-Methods: GET Access-Control-Allow-Origin: *

assem-ch commented 6 years ago

@sneetsher @mdbadawi Cross-Origin Request are allowed and many third party apps are already using the api since years,

@mdbadawi Sorry for late replying, if you still working on the chrome extension, could you give more details about the error you had