USDA / USDA-APIs

Do you have feedback, ideas, or questions for USDA APIs? Use this repository's Issue Tracker to join the discussion.
www.usda.gov/developer
110 stars 16 forks source link

Enable CORS or jsonp #36

Open markleiber opened 9 years ago

markleiber commented 9 years ago

Would you consider adding an "Access-Control-Allow-Origin:*" header or adding support for jsonp requests to allow ajax requests to your APIs?

gbinal commented 9 years ago

A big :+1: to enabling CORS. Our team included a requirement for CORS (and specifically CORS but not JSONP) in our API Standards. There's a bit more information there, as well as in the related issue thread.

Enabling CORS on USDA's end will enable 3rd party mashups much, much more easily and if you want USDA data to be re-used by more people, this will do a lot to help that.

cc: @konklone, @adelevie, @seanherron, @benbalter.

littlebunch commented 9 years ago

We've enabled CORS (Access-Control-Allow-Origin:*) for the Nutrient Database API. Sorry for overlooking this! Gary

petermorlion commented 8 years ago

This seems more or less fixed. I can get the search results from the API using CORS, if I use a search term that returns a result, e.g. searching for "whiskey":

http://api.nal.usda.gov/ndb/search/?format=json&q=whiskey&max=50&offset=0&api_key=APIKEY

However, when I search for a term that wouldn't return a result (e.g. 'whiskers'), I get the following error in my browser:

XMLHttpRequest cannot load http://api.nal.usda.gov/ndb/search/?format=json&q=whiskers&max=50&offset=0&api_key=APIKEY. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://my.local.domain' is therefore not allowed access. The response had HTTP status code 404.

However, I would expect a response like the one I get in Postman, which is a JSON object with, among other properties, a message stating "Your search resulted in zero results.Change your parameters and try again".

littlebunch commented 8 years ago

I receive an error message in Firefox and Chrome like this: { "errors": { "error": [ { "status": 400, "parameter": "results", "message": "Your search resulted in zero results.Change your parameters and try again" } ] } }

However the 404 response is incorrect. IMO, it should be 200 since correctly formed JSON (or XML) is returned.