06-15-2015 11:36 - edited 06-15-2015 11:36
06-15-2015 11:36 - edited 06-15-2015 11:36
Hi,
I'm a big fan of the OAuth 2.0 beta and it's working great for me! The only issue I have is that the server doesn't respond with a CORS (Cross-Origin Resource Sharing) header which makes cross-domain calls impossible.
Chrome and Firefox both throw a "No 'Access-Control-Allow-Origin' header is present on the requested resource" error. My current work-around is using a proxy, but the benefit of OAuth 2 should be that everything can be done through the browser directly.
Any plans on implementing the CORS header?
Thanks,
Dominikus
Answered! Go to the Best Answer.
06-16-2015 18:04
06-16-2015 18:04
I have confirmed the issue and documented the bug. It will be fixed, but I don't have an ETA.
06-15-2015 12:38
06-15-2015 12:38
Hi @dominikus, CORS was enabled on api.fitbit.com. We're investigating why it's not responding properly.
06-15-2015 13:03
06-15-2015 13:03
Please PM to me your app id.
06-15-2015 13:07
06-15-2015 13:07
Thanks for the quick responses! I've just sent the app id to Ivan.
06-15-2015 13:11
06-15-2015 13:11
try now.
06-15-2015 13:26
06-15-2015 13:26
Still nothing! Chrome 43 says:
XMLHttpRequest cannot load https://api.fitbit.com/1/user/-/activities/steps/date/today/1y.json? No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://local.interfacery.com:6001' is therefore not allowed access.
06-16-2015 11:01
06-16-2015 11:01
Any news on this @ibahdanau @JeremiahFitbit?
Thanks!
06-16-2015 18:04
06-16-2015 18:04
I have confirmed the issue and documented the bug. It will be fixed, but I don't have an ETA.
06-17-2015 16:33
06-17-2015 16:33
looks like it's working now - thanks for your help!