1

I have a page that uses a ZingChart and loads the data via Ajax from multiple URLs in other domains. The data are in CSV files such as:

1, 2, 3, 4, 5

Or:

2.34,1.01,4.56

What I need is to access these files and construct a JSON for ZingChart in this way:

{"data":[THE_CSV_GOES_HERE], "name":"WHATEVER"}

My first problem is that I ran into the usual CORS problem (whose usefulness I still don't understand very well), and since I don't have control on the servers hosting the CSVs, I used this workaround as explained here:

$.ajax({
     url:"http://otherdomain/test.csv", // This is dynamically placed
     dataType: 'jsonp',
     success:function(res){
         return res;
     },
     error:function(r, error){
         alert("Error " + error);
     }      
});

This raises a parsererror, I suppose because the CSV is not in json format.

If I use "text" instead of "jsonp" I get the CROS error (No 'Access-Control-Allow-Origin' header is present on the requested resource.) If I use "jsonp text" as in the documentation, I still get the parsererror. If I use crossDomain: true, dataType: 'text' to force a crossDomain but specifying it is text, I still get the CORS error.

It seems that I am having a similar problem as this person.

How can I overcome this? I cannot believe that in the modern Web it is not possible to get a string of text from a distributed server without refreshing the page. It looks like a strong limitation. In fact, I would think it is the client who should be able to allow cross domains, not the external servers (which are normally outside the client's control).

rfornal
  • 5,072
  • 5
  • 30
  • 42
user1156544
  • 1,725
  • 2
  • 25
  • 51
  • *"It looks like a strong limitation"* Well, security is important. *"I would think it is the client who should be able to allow cross domains, not the external servers "* Again, security is important :) https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy – Felix Kling Nov 16 '16 at 16:40
  • No way unless external domain allows cross-domain requests (via JSONP or CORS). The possible workaround is a proxy script on your server getting that file and passing it to AJAX request. – hindmost Nov 16 '16 at 16:41
  • I agree that security is important but my complain is that the solution provided by CORS does not look very secure (seems like it is possible to circumvent it by malicious people, not to talk about misconfigurations in the server side where the client has no control) while imposing some burden for developers – user1156544 Nov 16 '16 at 19:46

2 Answers2

1

What are you using for the backend/hosting environment for your site? You could simply access the CSVs and return them from your backend as you shouldn't have this problem accessing them from the server side...

Milney
  • 6,253
  • 2
  • 19
  • 33
1

You could try getting the csv file with a server side request as outlined here and then just make your ajax call to your server side web method to get the csv string.

Community
  • 1
  • 1
Keith.Abramo
  • 6,952
  • 2
  • 32
  • 46
  • 1
    I have solved it by creating a new server-side Web method... This just reads the whole content of the URL and passes it over. Not the most efficient solution but it works. – user1156544 Nov 16 '16 at 19:40