第一次在这里问一个问题。我是这个初学者,但我真的很难对付我面临的问题。与CORS的优步API问题
浏览器在使用中:
- Safari和Firefox(包括在Mac OS塞拉利昂)
- 火狐(Linux的 - 的Ubuntu 16.04.2)
我注册成为尤伯杯Developer和已在仪表板中注册了一个应用程序。我现在只使用服务器令牌进行身份验证。在仪表板,我已经在App为CORS(可选URI的CORS支持)的“权限”选项卡中设置以下条目:
http://localhost:8000 <-- web server in my PC
https://subdomain.mydomain.com <--- remote web server
几个月前,我使用HTML,CSS创建一个Web应用程序和JS(带有Jquery v2.2.4)可以使用Ride Estimates API,并能够成功地为我所在地区的许多位置报告数据。不知何故,它不再有效。我试图解决这个问题并改进功能。不过,由于以前不存在的CORS问题,我无法超越对API的初始查询。
我的API网址是:
https://api.uber.com/v1/estimates/price?start_latitude=8.969145&start_longitude=-79.5177675&end_latitude=8.984104&end_longitude=-79.517467&server_token={*********SERVER*TOKEN**********}
当我粘贴在浏览器的地址栏我得到有效的JSON:
{"prices":[{"localized_display_name":"uberX","distance":1.58,"display_name":"uberX","product_id":"811c3224-5554-4d29-98ae-c4366882011f","high_estimate":3,"surge_multiplier":1.0,"minimum":2,"low_estimate":2,"duration":420,"estimate":"2-3\u00a0$","currency_code":"USD"},{"localized_display_name":"X English","distance":1.58,"display_name":"X English","product_id":"8fe2c122-a4f0-43cc-97e0-ca5ef8b57fbc","high_estimate":4,"surge_multiplier":1.0,"minimum":3,"low_estimate":3,"duration":420,"estimate":"3-4\u00a0$","currency_code":"USD"},{"localized_display_name":"uberXL","distance":1.58,"display_name":"uberXL","product_id":"eb454d82-dcef-4d56-97ca-04cb11844ff2","high_estimate":4,"surge_multiplier":1.0,"minimum":3,"low_estimate":3,"duration":420,"estimate":"3-4\u00a0$","currency_code":"USD"},{"localized_display_name":"Uber Black","distance":1.58,"display_name":"Uber Black","product_id":"ba49000c-3b04-4f54-8d50-f7ae0e20e867","high_estimate":6,"surge_multiplier":1.0,"minimum":4,"low_estimate":4,"duration":420,"estimate":"4-6\u00a0$","currency_code":"USD"},{"localized_display_name":"Uber SUV","distance":1.58,"display_name":"Uber SUV","product_id":"65aaf0c2-655a-437d-bf72-5d935cf95ec9","high_estimate":7,"surge_multiplier":1.0,"minimum":5,"low_estimate":5,"duration":420,"estimate":"5-7\u00a0$","currency_code":"USD"}]}
然后我继续设置JS(W/JQuery的)代码在网页上...
var url = "https://api.uber.com/v1/estimates/price?start_latitude=8.969145&start_longitude=-79.5177675&end_latitude=8.984104&end_longitude=-79.517467&server_token={*********SERVER*TOKEN**********}";
$.getJSON(url, function(result){
console.log(result);
});
上传HTML和JS到我的远程web服务器,然后加载我的网页中的任何b罗塞尔从Uber API产生200个状态。但是,控制台日志显示CORS挡住了我的请求(问题1):
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://api.uber.com/v1/estimates/price?start_latitude=8.969145&start_longitude=-79.5177675&end_latitude=8.984104&end_longitude=-79.517467&server_token={*********SERVER*TOKEN**********}. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).
然后,在Mac浏览器的检查来看,下设网络/资源的地区,我看到从获得200个状态消息请求。然而,随着该响应消息(问题2):
SyntaxError: JSON.parse: unexpected end of data at line 1 column 1 of the JSON data
请求头是:
GET /v1/estimates/price?start_latitude=8.969145&start_longitude=-79.5177675&end_latitude=8.984104&end_longitude=-79.517467&server_token={*********SERVER*TOKEN**********} HTTP/1.1
Host: api.uber.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0) Gecko/20100101 Firefox/52.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://subdomain.domain.com/Uber/index.html
Origin: https://subdomain.domain.com
Connection: keep-alive
响应标题是:
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 19 Mar 2017 22:26:31 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Content-Geo-System: wgs-84
Content-Language: en
X-Rate-Limit-Limit: 2000
X-Rate-Limit-Remaining: 1998
X-Rate-Limit-Reset: 1489964400
X-Uber-App: uberex-nonsandbox, optimus, migrator-uberex-optimus
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
在Firefox用于Linux我有时不要得到语法错误;我似乎总是把它放在Mac浏览器上。在Linux中,当我得到这个错误,然后点击“Edit and Resend”Headers按钮(重新发送Headers但没有真正编辑Headers),Syntax Error就消失了,Response文本实际上显示了Uber API Object在那里......但我仍然在控制台日志上看到CORS Blocked消息。我真的不明白这是为什么,但似乎是矛盾的。最后,我无法使用API数据,在几个月前使用相同的方法,我可以获得几十个位置。
我在类似的问题寻找答案,但到目前为止没有发现任何适用于我的情况。任何帮助将不胜感激。变得非常沮丧......真的停留在这里。
我发现在Safari(Mac)中,如果我进入“开发”菜单并单击以启用“禁用跨源限制”,那么在该浏览器中不再存在与CORS有关的问题......但这不是为了成为解决方案,我相信。 – hutchit
我认为问题在于Uber API没有按预期包含CORS头文件。看起来像一个错误 - 我已经报告过,并会在解决后跟进。 –