Closed jaygray0919 closed 5 years ago
Feature request duly noted! PRs on this would be very welcome.
Same issue :). Basically any browser-side script (i.e. gadgets) on Wikidata/Wikipedia won't be able to access the service because it's blocked.
Error is:
No 'Access-Control-Allow-Origin' header is present on the requested resource.
I briefly googled and found a gist of how to enable CORS for Bottle; maybe useful? https://gist.github.com/richard-flosi/3789163
https://pypi.org/project/bottle-cors/ maybe better
@mvolz thanks for the pointers. I will try to get this solved today.
@mvolz @jaygray0919 I have deployed the fix, let me know if there are still issues on your side.
Works beautifully, thank you so much! :1st_place_medal:
I do get this error, but it does load :).
load.php?debug=false&lang=en&modules=jquery%2Coojs-ui-core%2Coojs-ui-widgets|mw.config.values.wbSiteDetails|oojs-ui.styles.icons-editing-advanced&skin=vector&version=1w1t5tj:130 [Report Only] Refused to connect to 'https://tools.wmflabs.org/openrefine-wikidata/en/api?query=%7B%22query%22%3A%22PLoS%20Computational%20Biology%22%2C%22limit%22%3A1%2C%22type%22%3Anull%2C%22type_strict%22%3A%22any%22%7D' because it violates the following Content Security Policy directive: "default-src 'self' data: blob: upload.wikimedia.org https://commons.wikimedia.org meta.wikimedia.org .wikimedia.org .wikipedia.org .wikinews.org .wiktionary.org .wikibooks.org .wikiversity.org .wikisource.org wikisource.org .wikiquote.org .wikidata.org .wikivoyage.org *.mediawiki.org wikimedia.org". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback
@mvolz interesting… I don't know much about CORS so correct me if I am wrong but it seems that the problem comes from a policy from the source website (mediawiki) rather than from the behaviour of the reconciliation service itself?
Me neither, who knows! Probably a problem on my end.
we're seeing:
XHR status: 200
XHR status text: OK
XHR exposed response headers:
content-type: application/json
will test with more data later thanks for the progress
For some reason the access header isn't there for error messages.
Not a big deal as it's not like it's supposed to give you data anyway, but inconsistent I guess.
Example url with error that causes it: https://tools.wmflabs.org/openrefine-wikidata/en/api?query=%2210.1371%2Fjournal.pcbi.1002947%22
When embedding query strings, we need to access files that are CORS enabled
For example, when using this service is not natively CORS-enabled: https://es.wikipedia.org/w/api.php?action=query&prop=extracts&exsentences=3&titles=Inform%C3%A1tica&exintro=&format=json
Hay (hay@bykr.org) advised to append 'origin=*' like this: https://es.wikipedia.org/w/api.php?action=query&prop=extracts&exsentences=3&titles=Inform%C3%A1tica&exintro=&format=json&origin=*
Similarly, the openrefine-wikidata site is not CORS enabled: https://tools.wmflabs.org/openrefine-wikidata/en/api?query=https://en.wikipedia.org/wiki/Tom_Hanks
We tried this: https://tools.wmflabs.org/openrefine-wikidata/en/api?query=https://en.wikipedia.org/wiki/Tom_Hanks&origin=*
but it does not act as the metho acts on PHP site
How can we access openrefine-wikidata if our access programs require the target site to be CORS-enabled?
/jay gray