SteemPlus is a lightweight browser extension adding new features to your Steemit/Busy experience: - Voting slider for minnows - Possibility to filter (by tag/resteem/reputation) and sort ( by date/payout/votes) - Switch between Busy Steemit and Steemd by keyboard shortcuts - Delegation of Steem Power directly from the wallet
getPriceSteemAsync, getPriceSBDAsync and getBTCPriceAsync should return rates when the response is resolved.
Actual Behavior
Uncaught Error gets throws because response is not received from bittrex due to CORS Error
Steps to Reproduce
Install SteepPlus Version 3.8.2.1 in Chrome.
Enable the extension if its not already enabled.
Go to busy.org and login.
Open Dev toolbar to check Console for errors.
Explanation of Issue
When you try to access an API which has no CORS header, you get a success response 200 but no response data. This is because most browser have same origin policy in place to prevent a malicious api getting called using session information without website intending it to.
Fixing CORS Header
As such, you will not be able to get around this issue from extension directly without bittrex making a change in thr api to include CORS header. This is unlikely to happen so to get around this problem, you can create a node middleware API. This api when called, will make a call to bittrex and once the response it returned, it will pipe the response to extension with CORS header added.
Please note that you can't test CORS issues on localhost as they are ignored on localhost. They only surface once the code is deployed on server.
Expected Behavior
getPriceSteemAsync, getPriceSBDAsync and getBTCPriceAsync should return rates when the response is resolved.
Actual Behavior
Uncaught Error gets throws because response is not received from bittrex due to CORS Error
Steps to Reproduce
Explanation of Issue
When you try to access an API which has no CORS header, you get a success response 200 but no response data. This is because most browser have same origin policy in place to prevent a malicious api getting called using session information without website intending it to.
Fixing CORS Header
As such, you will not be able to get around this issue from extension directly without bittrex making a change in thr api to include CORS header. This is unlikely to happen so to get around this problem, you can create a node middleware API. This api when called, will make a call to bittrex and once the response it returned, it will pipe the response to extension with CORS header added.
Please note that you can't test CORS issues on localhost as they are ignored on localhost. They only surface once the code is deployed on server.
Browser: Chrome Version 73.0 (Official Build) (64-bit) Operating system: OSX 10.11.6 Version: 3.8.2.1