CORS Stuff

Post reply
0 favourites
  • 5 posts
From the Asset Store
Hispanic Food Icon Pack
$20 USD
A set of Hispanic food icons and images for your in-game store!
Wintrus's avatar
Wintrus

  • For the love of god someone please make a cors documentation for construct.

    what do you mean I can't preview it from local host, and construct preview. all the forums and manual instructions just leave us hanging no pictures no conclusion no snippet of code or where to put the code.

    they just say server and leave, what server where server

  • Allowing CORS is part of the configuration on the web server of the resource you are trying to request from.

    Imagine if each domain is a house, and the data you're requesting is inside the house. CORS is the lock on the front door.

    If the host you're running your app from is on the same domain you're already inside the house and you can get to the data in the house no problem.

    If you're coming from outside (different house/domain, such as when you're previewing from localhost or construct.net), CORS will block your AJAX data request.

    So the owner of the server has to disable CORS on their webserver by setting it in their config, basically leaving the door unlocked. This will allow requests from outside domains through.

  • Thank you for your response,

    I understand what cors does, the extent of my experience with cors is when running a node.js and express server where you allow cors* and everything is good. But I have no idea when it comes to construct, where would I configure Cors stuff when trying to access an API?

    here are two failed attempts of mine,

    now I can bypass this with a chrome extension that turns off cors but this wouldn't work for other users right, how can I fix this so other users won't have this issue?

  • Try Construct 3

    Develop games in your browser. Powerful, performant & highly capable.

    Try Now Construct 3 users don't see these ads

  • you can try like this 

    <?php
header("Access-Control-Allow-Origin: 'https://preview.construct.net'"); // Customize with your domain or ALL '*'
header("Access-Control-Allow-Methods: GET, POST, OPTIONS");
header("Access-Control-Allow-Headers: Authorization, Content-Type");
header("Content-Type: application/json");

// $url = $_POST["url"]; // c3 plugin AJAX: action > request url
$url = "https://fake-json-api.mock.beeceptor.com/users"; // Destination API

// Handle preflight request
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
 http_response_code(204); // No Content
 exit;
}

// Fetch data from external API
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
$response = curl_exec($ch);
$httpCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);

// Send the response result to the frontend
http_response_code($httpCode);
echo $response; // c3 plugin: AJAX.lastData
?>

  • For what it's worth, CORS is mentioned in the AJAX manual entry here which also links to a much more detailed guide on CORS on MDN, as this is an aspect of how networking works on the web in general and isn't specific to Construct.

Post reply
  • 5 posts
Return to board index
Jump to:
Active Users
There are 1 visitors browsing this topic (0 users and 1 guests)