1

I have a small problem, I want to recover data in JSON format from this URL on my application: https://www.oscaro.com/xhr/dionysos-search/fr/fr?plate=AD865ZF

When I enter this url on my browser it works perfectly.

However when I try to recover this JSON from my application in PHP (curl) or Javascript (xhr) I can't recover the data I get a CORS error.

Do you know how I can recover this data from my application?

Thank you in advance,

Yours sincerely,

Kroshka Kartoshka
  • 1,035
  • 5
  • 23
valentin marchand
  • 29
  • 4
  • You may need to add some header information to the request –  Oct 29 '20 at 15:07
  • 2
    CORS applies to requests made from the client side, in the browser, only. That you’re getting a CORS error when using cURL, is highly unlikely. (Possible however that the remote party expects an `Origin` header in any case, and rejects your request when that is missing. But that would not _actually_ be a CORS error by definition.) – CBroe Oct 29 '20 at 15:09
  • 1
    First thing I see when I try that URL in my browser, is Cloudflare’s “checking your browser” page. _That_ is the reason of your issue, and not anything to do with CORS (at least for your server-side attempt.) The URL is protected against access by “bots”. – CBroe Oct 29 '20 at 15:11
  • 1
    Please share more details, like the code you are using. I doubt that PHP evaluates CORS headers – Nico Haase Oct 29 '20 at 15:19
  • How could i retrieve info if cloudflare is enabled ? – valentin marchand Oct 29 '20 at 15:36
  • Could you please help stackoverflow mechanics by accepting the answer you liked the most (if there is one indeed) so that authors of answers don't see this question in their active list ;) thank you for participation. If none of answers was relevant pls ignore this ping. – Kroshka Kartoshka Oct 30 '20 at 11:44

1 Answers1

1

Briefly, you need headers in your request to match the Browser's request:

  • Open dev tools in you browser (e.g. F12 or cmd+opt+I or click on menu)
  • Open Network tab
  • Reload the page (the whole website or the target request's url only, whatever provides a desired response from the server)
  • Find a http request to the desired url in the Network tab. Right click it, click 'Copy...', and choose the option (e.g. curl) you need.

Your browser sends tons of extra headers, you never know which ones are actually checked by the server so this technique will save you much time.

However, this might fail if there's some protection against blunt request copies, e.g. some temporary tokens, so the requests cannot be reused. In this case you need Selenium (browser emulation/automation), it's not difficult so it worth using.

Kroshka Kartoshka
  • 1,035
  • 5
  • 23
  • No! That's completely the opposite of what is needed. The **server** needs to grant permission in the **response** so that the browser will allow the JavaScript on the website to read the response. – Quentin Oct 29 '20 at 15:34
  • Let's wait for @Valentin results, if it worked. It wasn't completely clear if he uses JS in browser or just a standalone request from his backend. If he reports a fail with this, I'll kill the answer. – Kroshka Kartoshka Oct 29 '20 at 15:40
  • Im using a simple backend request and i do not retrieve any JSON because there is a cloudflare protection that need waiting 5seconds, i don't know how to bypass it – valentin marchand Oct 29 '20 at 15:42
  • As the last resort you can always run that in Selenium, waiting those 5 seconds inside it. – Kroshka Kartoshka Oct 29 '20 at 15:44
  • Anyway if you spend another minute to report here the solution that worked in you case, that will be really great. When you find one, indeed. Good luck with it – Kroshka Kartoshka Oct 29 '20 at 15:52
  • this is actually a good answer, helped me, thanks – Daniel Khoroshko Jul 31 '22 at 16:16