Fetz
commented
8 years ago From the documentation of VAST (page 16): http://www.iab.com/wp-content/uploads/2015/06/VASTv3_0.pdf
2.1.5.2 Cross Origin Resource Sharing (CORS) for JavaScript In order to JavaScript video players to accept a VAST response, adservers must include a CORS header in the http file that wraps the VAST response. The CORS header must be formatted as follows:
Access-Control-Allow-Origin: <origin header value>
Access-Control-Allow-Credentials: trueThese HTTP headers allow an ads player on any origin to read the VAST response from the ad server origin. The value of Access-Control-Allow-Origin should be the value of the Origin header sent with the ad request. Setting the Access-Control-Allow-Credentials header to true will ensure that cookies will be sent and received properly. For more information MDN CORS
You can check previous issues we close https://github.com/MailOnline/videojs-vast-vpaid/issues?utf8=%E2%9C%93&q=is%3Aissue+is%3Aclosed+cors
My script:
var player = videojs('reallyCoolVideo'); var vastPlugin = player.vastClient({ url: getAdsUrl }); function getAdsUrl() { return 'http://videoads.theonion.com/vast/270.xml'; } vastPlugin.enable();
Who knows why this code throw an error: XMLHttpRequest cannot load http://videoads.theonion.com/vast/270.xml. A wildcard '*' cannot be used in the 'Access-Control-Allow-Origin' header when the credentials flag is true. Origin 'http://localhost:63342' is therefore not allowed access.
Thank's for help!