5

I'm developing a web application that gets albums and images from Google Picasa.

I keep getting a 204, no content response from the server.

In addition, I am getting the error: No 'Access-Control-Allow-Origin' header is present on the requested resource.

I have the proper credentials in the developer console for javascript origins, and yet I still am getting this error. I have tried many ways to craft the request, but none have been successful.

I have verified the access token using the tokeninfo endpoint, so I believe I am making the right type of requests.

Here is the request I am making:

    $.ajax({ //gives 204 no content response
                url: "https://picasaweb.google.com/data/feed/api/user/default", //use default to get current logged in user
                type: "GET",
                beforeSend: function(xhr){ //headers
                    xhr.setRequestHeader('Authorization', 'Bearer ' + access_token);
                    xhr.setRequestHeader('GData-Version', '2');
                },
                dataType: "json",
                success: function(){
                    console.log("success");
                },
                fail: function(){
                    console.log("fail");
                }
            })
            .done(function(data){
                console.log(data);
            });

Also, making an un-authenticated request:

                    $.ajax({ 
                url: "https://picasaweb.google.com/data/feed/api/user/default", //use default to get current logged in user
                type: "GET",
                dataType: "json",
                beforeSend: function(xhr){
                    xhr.setRequestHeader('GData-Version', 2);
                },
                success: function(){
                    console.log("success");
                },
                fail: function(){
                    console.log("fail");
                }
            })
            .done(function(data){
                console.log(data);
            });
Steve Lee
  • 5,191
  • 5
  • 17
  • 18
KardJaster
  • 61
  • 1
  • 4

1 Answers1

2

The Picasa Web API does not support CORS for authenticated requests. You will have to make your requests from a server instead of via JavaScript.

Community
  • 1
  • 1
abraham
  • 46,583
  • 10
  • 100
  • 152
  • But can't I make unauthenticated request by removing the header? It still doesn't work if I do that. The same link you showed states that you can make unauthenticated get, but not a POST. – KardJaster Mar 20 '15 at 16:14
  • The linked answer is from two years ago so they may not support CORS at all anymore. – abraham Mar 20 '15 at 17:13
  • From the [Picasa API](https://developers.google.com/picasa-web/docs/2.0/developers_guide_protocol) You do not have to authenticate to retrieve data about public albums, but in order to create, update, or delete content you must authenticate using one of the methods discussed in the authentication section. I am still getting the CORS error, however, so you may be right. – KardJaster Mar 20 '15 at 17:15
  • That documentation does not state support for jsonp or CORS so I would say that client side access is not supported. – abraham Mar 20 '15 at 17:18
  • any updates, gentlemen? I need to get oauth protected content from Picasa via trial Angular 4 app. So should I wrap my requests with some server side logic using smth like nodejs/express? I am fine getting open content with `jsonp`, but have no luck with rest – markoffden Aug 22 '17 at 14:15
  • I'm not aware of anything changing. A server-side proxy will still be required. – abraham Aug 23 '17 at 16:10
  • Note that, as an alternative to a standalone server, you can just create a Chrome extension. Chrome extensions can access arbitrary online resources if the correct permissions are set. – Venryx Dec 07 '17 at 08:34