1

I'm trying to access the Adobe TypeKit API's via javascript, using AngularJS. Using $http.get(https://typekit.com/api/v1/json/kits?token=myToken) fails on authenticated requests, with error: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost' is therefore not allowed access.

If I use $http.jsonp(...) un-authenticated requests are succesfull, this is probably due to Adobe's CORS policies, but as stated in the typekit documentation

For security reasons, authenticated API requests are currently unavailable with callbacks.

So, using jsonp, I can't access many of the endpoints provided by the API's. What I don't understand is that the same exact request that fails in angular, succeds if I execute it with postman or with chrome itself. I tryied setting the request headers exactly the same as in postman, but didn't work. Tried all sorts of headers settings, but nothing changed. Any thoughts?

Daniele Sassoli
  • 899
  • 12
  • 34

1 Answers1

0

can you disable the chrome web security and then give it a try.To disable the web security open your terminal and type the following /Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --disable-web-security --allow-file-access-from-files --allow-file-access --user-data-dir=~/chrome-test/ spec/runner.html

Ali Sadiq
  • 900
  • 6
  • 11
  • I don't know why, I don't know how, but it works, although I need to set a header: `{'X-Requested-With': 'XMLHttpRequest'}` – Daniele Sassoli Nov 13 '15 at 10:46
  • what does this mean? and how can I replicate this without having to run chrome without web security? – Daniele Sassoli Nov 13 '15 at 10:53
  • Is it working fine when web security is disabled?Please refer to this question for more details http://stackoverflow.com/questions/20035101/no-access-control-allow-origin-header-is-present-on-the-requested-resource – Ali Sadiq Nov 13 '15 at 11:16
  • Thanks for your reference, the only thing htat helped me was using cors.io, I will go with that, but I'm still looking for a better solution, since I'm not too happy with this one. – Daniele Sassoli Nov 13 '15 at 11:46