0

I'm working on a script that uses a jQuery JSON function to fetch some JSON from an API. An API that is not hosted on my web server. I don't understand how this is possible. I've learned AJAX at Treehouse and they clearly stated that this isn't possible because of the CDP.

So my question is, how is this possible? Because this isn't the first time I've encountered this. Another good example is this flightjs demo, which simply calls on the Instagram API.

So basically I'm really confused. Because I have no idea why this is possible. Is there something on their side which makes this possible?

I'm not looking for code samples. This is more of a theory type question.

Thanks :D

Niels
  • 529
  • 2
  • 6
  • 20
  • 1
    With a proxy, yes, you should be able to pass the URL, and get back the content. – Adam Azad Dec 27 '15 at 10:05
  • Is that proxy on my side, or on theirs? – Niels Dec 27 '15 at 10:06
  • See this - [Understanding CORS](http://stackoverflow.com/questions/25845203/understanding-cors), and the [cors tag](http://stackoverflow.com/questions/tagged/cors?sort=votes) - almost a duplicate. Your course may be a little outdated. – Kobi Dec 27 '15 at 10:09
  • A proxy hosted on your server, keep in mind, API service is meant for accessing data without scraping, so most APIs like Open Graph, Instagram, Twitter, Google ... etc has CORS enabled, but you still have to use JSONP for by-pass security applied by browsers. Gaming API or closed-source apps on the other hand, doesn't really allow nerds to access them. – Adam Azad Dec 27 '15 at 10:09
  • Just so that you understand. All im doing is one single jQuery JSON request. I'm not a backend dev. I haven't added a proxy or an external script, but it is working. – Niels Dec 27 '15 at 10:12
  • I'm doing exactly what the top answer of this question demonstrates, but to an API: http://stackoverflow.com/questions/14388452/how-do-i-load-a-json-object-from-a-file-with-ajax – Niels Dec 27 '15 at 10:13
  • @Kobi Oooh, so if they allow cross domain then it will work, regardless? – Niels Dec 27 '15 at 10:14
  • 1
    Actually, I'm not sure it always works - it is best if you post some code, and the URL you are posting to. – Kobi Dec 27 '15 at 10:15
  • In theory it is possible. – Yogi Dec 27 '15 at 10:15
  • @Kobi open the console and the source. http://www.nielsklom.eu/Streamster/ – Niels Dec 27 '15 at 10:16
  • @Niels, I can see the response object in the console, so what is your question, again? – Adam Azad Dec 27 '15 at 10:18
  • Yes Niels, if the server allows CORS then the request will work. The server side code must have a line of code that says 'YES, CORS is permitted when a user makes a request to this server' – Paul Fitzgerald Dec 27 '15 at 10:21
  • This is CORS: there is a `Access-Control-Allow-Origin:"http://www.nielsklom.eu"` in the HTTP response. – Kobi Dec 27 '15 at 10:21
  • Great! Thanks for the help everyone, much appreciated. – Niels Dec 27 '15 at 10:24
  • I've closed the question as a duplicate. There's a good answer there, with a note on jQuery's implementation: https://gist.github.com/3131951 . It is several years old though, and things do change: for example - cross origin requests used to be block before being sent by the same origin policy. Now the request does go to the server, the response header is checked, and the result is blocked if needed. – Kobi Dec 27 '15 at 10:25

0 Answers0