search

toggl / toggl_api_docs

Documentation for the Toggl API
1.4k stars 235 forks source link

CORS endpoint returns 404 #344

Closed zoka123 closed 5 years ago

zoka123 commented 5 years ago

I tried to get my localhost whitelisted for development but without any luck, All I'm getting is 404.

I've looked at other 404-related issues but they are only closed without any resolution note on how the issue was fixed.

curl -v -u TOKEN:api_token \
> -H "Content-Type: application/json" \
> -d '{"domain":"http://localhost"}' \
> -X POST https://www.toggl.com/api/v9/me/cors

Note: Unnecessary use of -X or --request, POST is already inferred.
*   Trying 35.244.178.179...
* TCP_NODELAY set
* Connected to www.toggl.com (35.244.178.179) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-CHACHA20-POLY1305
* ALPN, server accepted to use h2
* Server certificate:
*  subject: C=EE; postalCode=10117; ST=Harju; L=Tallinn; street=Tartu mnt 25; O=Toggl OU; OU=PremiumSSL Wildcard; CN=*.toggl.com
*  start date: Oct  8 00:00:00 2018 GMT
*  expire date: Jan  9 23:59:59 2021 GMT
*  subjectAltName: host "www.toggl.com" matched cert's "*.toggl.com"
*  issuer: C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN=COMODO RSA Organization Validation Secure Server CA
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Server auth using Basic with user 'TOKEN'
* Using Stream ID: 1 (easy handle 0x7fc8df800400)
> POST /api/v9/me/cors HTTP/2
> Host: www.toggl.com
> Authorization: Basic AUTH
> User-Agent: curl/7.54.0
> Accept: */*
> Content-Type: application/json
> Content-Length: 29
> 
* Connection state changed (MAX_CONCURRENT_STREAMS updated)!
* We are completely uploaded and fine
< HTTP/2 404 
< server: nginx
< date: Wed, 07 Aug 2019 06:27:06 GMT
< content-type: text/plain; charset=utf-8
< content-length: 19
< cache-control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
< x-content-type-options: nosniff
< x-content-type-options: nosniff
< x-toggl-request-id: d64d0c8b23340f236a23001a72a8af85
< instance: time-web4
< strict-transport-security: max-age=15552000; includeSubDomains
< x-we-are-hiring: https://toggl.com/jobs/
< x-request-id: d64d0c8b23340f236a23001a72a8af85
< via: 1.1 google
< alt-svc: clear
< 
404 page not found
* Connection #0 to host www.toggl.com left intact
lovromazgon commented 5 years ago

Self service CORS endpoints were disabled quite a while ago. If you want us to enable CORS for a domain, please contact our support team and they will help you out (https://support.toggl.com/en/).

zoka123 commented 5 years ago

Thanks @lovromazgon

I will reach out to support and ask them for help. I'm not sure how I missed that, it is clearly stated at the top of the document:

This portion of the API is disabled, if you require CORS whitelisting for your website please contact support@toggl.com for further assistance.

Sorry about that