2

I'm currently trying to retrieve videos from a private Dailymotion channel in my personal application.

To do that I'm trying to authenticate to the Dailymotion API using the grant_type method : password.

Here is my POST request :

xhr.open('POST', 'https://api.dailymotion.com/oauth/token', true);
xhr.setRequestHeader('Content-Type', 'multipart/form-data');
xhr.onload = function(e) { 
 console.log("HEADERS", e.target.getAllResponseHeaders())
 if (e.target.status < 400) {
  console.log(e);
 } else {
  console.log("error")
 }
};
xhr.onerror = function(e) {
 console.log("HEADERS", e.target.getAllResponseHeaders())
};
xhr.send('grant_type=password&client_id=<MyAPIKey>&client_secret=<MyAPISecret>&username=<MyUserName>&password=<MyPassword>');

I'm receiving the following error : No 'Access-Control-Allow-Origin' header is present on the requested resource.

I checked the response header and the Access-Control-Allow-Origin is missing. I cannot add this parameter on the API server because I'm requesting Dailymotion servers...

So my question is : Is it possible to configure the Dailymotion application (referenced by my API Key) to accept my request from my private domain, or is there a way to bypass the 'Access-Control-Allow-Origin' problem.

Thanks in advance !

Louis Lucas
  • 21
  • 1

2 Answers2

0

It is not possible to by-pass Access-Control-Allow-Origin in common browsers.

Maybe Dailymotion allows only specific domains, or simply disallows localhost

Naramsim
  • 8,059
  • 6
  • 35
  • 43
  • I'm not using localhost. My application is inside Offie 365. So my domain is .SharePoint.com – Louis Lucas Feb 15 '18 at 14:23
  • well if Dailymotion lacks completely of that header you can't do anything from your browser using XHR. – Naramsim Feb 15 '18 at 14:24
  • Why don't you try with their official SDK instead of making raw calls? https://developer.dailymotion.com/tools/sdks#sdk-javascript – Naramsim Feb 15 '18 at 14:25
  • Is there another option than using XHR that would solve my problem? – Louis Lucas Feb 15 '18 at 14:26
  • Well i tried with their JS SDK. But I'm not able to login with specific username & password. – Louis Lucas Feb 15 '18 at 14:27
  • You actually cant with your credentials! you have to obtain a key from them. You have to register an application: https://developer.dailymotion.com/api – Naramsim Feb 15 '18 at 14:29
  • Yes I registered my application and I have my API Key and API Secret. But the problem is that i need to retrieve videos from a private channel in which only one user can access. That's why I'm trying to authenticate as this user to be able to retrieve those private videos and displays them inside my application. – Louis Lucas Feb 15 '18 at 14:34
  • i dont think you can – Naramsim Feb 15 '18 at 14:36
0

Since the Access-Control-Allow-Origin header (and all the other CORS headers) are response headers, you can't control them.

Is this code running in a browser? If so, confirm that the Origin request header is being sent. If it is not running in a browser, try adding the Origin request header with your request and see if that causes the server to include the CORS response headers.

If that doesn't work, then you can't do anything without possibly using their SDK.

roryhewitt
  • 4,097
  • 3
  • 27
  • 33
  • Than you for your answer. I already confirmed that my request header contains Origin, but unfortunately response does not contain 'Acces-Control-Allow-Origin'. I will try again with their sdk... – Louis Lucas Feb 16 '18 at 09:30