OpenSubtitles forum

Posted: **Mon Jan 31, 2022 11:26 am**

Hello guys,

I'm just trying to LogIn with my UserAgent on https://api.opensubtitles.org/xml-rpc

It was working before (didn't try for a long time though).

I found that I had to change my password first to make curl works.

So now, curl request gives me a 200,
while fetch request is not (due to CORS) :
Access-Control-Allow-Origin == Missing Header

CURL REQUEST :

Code: Select all

curl 'https://api.opensubtitles.org/xml-rpc' \
-H 'Accept: text/xml' \
-H 'Referer: http://localhost:6868/' \
-H 'Content-Type: text/xml' \
--data-raw '<?xml version="1.0"?><methodCall><methodName>LogIn</methodName><params><param><value><string>REDACTED</string></value></param><param><value><string>REACTED</string></value></param><param><value><string>en</string></value></param><param><value><string>willbaz</string></value></param></params></methodCall>' \
--compressed

FETCH REQUEST :

Code: Select all

fetch("https://api.opensubtitles.org/xml-rpc", {
"headers": {
"accept": "text/xml",
"content-type": "text/xml",
},
"referrer": "http://localhost:6868/",
"referrerPolicy": "strict-origin-when-cross-origin",
"body": "<?xml version=\"1.0\"?><methodCall><methodName>LogIn</methodName><params><param><value><string>REDACTED</string></value></param><param><value><string>REACTED</string></value></param><param><value><string>en</string></value></param><param><value><string>REDACTED</string></value></param></params></methodCall>",
"method": "POST",
});

Could you add the

Code: Select all

Access-Control-Allow-Origin: *

header ?

Thanks !

Posted: **Tue Feb 01, 2022 10:26 am**

Hi

I can not reproduce the problem with CURL, I fire up your request with -vvv and in response headers I can see:

< access-control-allow-origin: *
< access-control-allow-methods: GET, POST, OPTIONS
< access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,DNT,Keep-Alive,User-Agent,If-Modified-Since,Cache-Control

try again, maybe your proxy is removing these headers ?

Posted: **Thu Feb 03, 2022 12:54 pm**

Hello oss,

Thank you for that prompt reply !

And you are right, the header is present with curl on the POST request.

I don't think I have a proxy

Could it be missing from the OPTIONS call ? (made just before for the preflight request)

As the error in the console is :

Access to fetch at 'https://api.opensubtitles.org/xml-rpc' from origin 'http://localhost:6868' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

Code: Select all

curl 'https://api.opensubtitles.org/xml-rpc' \
-X 'OPTIONS' \
-H 'authority: api.opensubtitles.org' \
-H 'pragma: no-cache' \
-H 'cache-control: no-cache' \
-H 'accept: */*' \
-H 'access-control-request-method: POST' \
-H 'access-control-request-headers: content-type' \
-H 'origin: http://localhost:6868' \
-H 'user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.99 Safari/537.36' \
-H 'referer: http://localhost:6868/' \
-H 'accept-language: en-GB,en-US;q=0.9,en;q=0.8,fr;q=0.7' \
--compressed -vvv

Thanks

Posted: **Fri Feb 04, 2022 12:15 pm**

should be fixed, let me know

Posted: **Sat Feb 05, 2022 2:30 pm**

Yes ! Thanks

OpenSubtitles forum

xml-rpc API : Missing "Access-Control-Allow-Origin" Header (CORS)

xml-rpc API : Missing "Access-Control-Allow-Origin" Header (CORS)

Re: xml-rpc API : Missing "Access-Control-Allow-Origin" Header (CORS)

Re: xml-rpc API : Missing "Access-Control-Allow-Origin" Header (CORS)

Re: xml-rpc API : Missing "Access-Control-Allow-Origin" Header (CORS)

Re: xml-rpc API : Missing "Access-Control-Allow-Origin" Header (CORS)