Add API support for access from single-page web applications


#1

It doesn’t seem possible to create a JavaScript-only single page web application which uses the Circle CI API.

This is due to a lack of cross-origin header support (CORS).

Can this be added, or as an alternative can JSONP requests be supported?

Cheers!


#2

I’m actually seeing Access-Control-Allow-Origin:* when I test with my api token.

What is the exact error you are getting?


#3

I see:

XMLHttpRequest cannot load https://circleci.com/api/v1/project/ARMmbed/target-build-tests/?circle-token=. No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘null’ is therefore not allowed access.


#4

Oh my, the extra slash at the end of the URL is causing this issue. If I remove it:

https://circleci.com/api/v1/project/ARMmbed/target-build-tests?circle-token=

CORS works.

Perhaps this is a bug?


#5

I spoke too soon!

The main API supports CORS (without the trailing slashes), but the artifact server doesn’t:

XMLHttpRequest cannot load https://circle-artifacts.com/gh/ARMmbed/target-build-tests/5/artifacts/0/home/ubuntu/target-build-tests/results.json. No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘null’ is therefore not allowed access.

Please add support for this to have consistent access across the APIs

Thanks!


Add CORS Support to Artifacts Server
#7

Ah, got it! Yes, that would be very helpful :slight_smile:


#8