When implementing the Parse Client Key in an Angular application, it may lead to encountering

Question

When implementing the Parse Client Key in an Angular application, it may lead to encountering

I have been working on retrieving a class from Parse using a client key with the GET method. Successfully sent a request through Advanced Rest Client for Google Chrome by including X-Parse-Application-Id and X-Parse-Client-Key headers.

[edit] [edit2] Response headers (captured from Chrome Developer Tools OPTIONS):

HTTP/1.1 200 OK

Access-Control-Allow-Headers: X-Parse-REST-API-Key, X-Parse-Javascript-Key, X-Parse-Application-Id, X-Parse-Client-Version, X-Parse-Session-Token, X-Requested-With, X-Parse-Revocable-Session, Content-Type

Access-Control-Allow-Methods: OPTIONS, POST, GET, PUT, DELETE

Access-Control-Allow-Origin: *

Access-Control-Max-Age: 86400

Content-Type: application/json; charset=utf-8

Date: Sun, 29 Nov 2015 04:23:08 GMT

Server: nginx/1.6.0

X-Parse-Platform: G1

X-Runtime: 0.000118

Content-Length: 0

Connection: keep-alive

However, when trying to do the same in an Angular app, I encountered the following error:

XMLHttpRequest cannot load . Request header field X-Parse-Client-Key is not allowed by Access-Control-Allow-Headers in preflight response.

Parse mentions support for using cross-origin resource sharing, and as I had successfully made the request earlier with a different client, I believe the server is not the problem. Modifying the response header wasn't an option regardless.

Below is the code used to create the GET request:

var ng_portal = angular.module("ngPortal", []);
ng_portal.controller("GenResourcesCtrl", ["$http", function($http) {
  $http({
    method: "GET",
    url: PARSE_URL + "/1/classes/GenResources",
    headers: {
      "Content-Type": "application/json",
      "X-Parse-Application-Id": PARSE_APP_ID,
      "X-Parse-Client-Key": PARSE_CLIENT_KEY
    }
  }).then(
    function success(res) {
      console.log(res);
    },
    function error(res) {
      console.log(res);
    }
  );
}]);

javascript angularjs parse-platform cors

Answer 1

Answer №1

When you set custom headers in your request, it will trigger an initial pre-flight (OPTIONS) request. The response to this request must include a specific header called "access-control-allow-headers" with a list of the headers that you are attempting to set.

For more information on CORS and pre-flight requests, please refer to https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS

I recommend using browser developer tools to inspect the headers of both the requests and responses to ensure they adhere to the CORS specifications. Based on the error message you've shared, it seems like the server handling the cross-domain call does not support custom headers. If you find otherwise, please update your question with the relevant headers, and I can offer further assistance.

Answer 2

When you set custom headers in your request, it will trigger an initial pre-flight (OPTIONS) request. The response to this request must include a specific header called "access-control-allow-headers" with a list of the headers that you are attempting to set.

For more information on CORS and pre-flight requests, please refer to https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS

I recommend using browser developer tools to inspect the headers of both the requests and responses to ensure they adhere to the CORS specifications. Based on the error message you've shared, it seems like the server handling the cross-domain call does not support custom headers. If you find otherwise, please update your question with the relevant headers, and I can offer further assistance.

Answer 3

Answer №2

It appears that there is an ongoing issue with Parse.com. After spending an entire hour feeling frustrated, I stumbled upon a helpful post on Google Groups

Here is a relevant quote from the post:

Based on my testing, it seems that neither the client key nor the JavaScript key work properly through JavaScript rest interactions in the browser.

I went ahead and reported this as a Parse Bug:

https://developers.facebook.com/bugs/488204124680438

I believe that these keys should function correctly when used in browser requests without needing to rely on an SDK for support.

I recommend checking out my bug report. I still maintain that enabling these keys to function seamlessly with browser requests is the correct approach since they already work outside of the browser environment.

However, it seems like the issue is not being acknowledged or understood by Parse, as they continue to disable it only in the browser, despite it working fine on other platforms. It just doesn't add up.

In my case, I opted to utilize my JavaScript Key X-Parse-Javascript-Key (even though it is intended for use with their JavaScript SDK according to current documentation) as a successful substitute for X-Parse-Client-Key

Answer 4

It appears that there is an ongoing issue with Parse.com. After spending an entire hour feeling frustrated, I stumbled upon a helpful post on Google Groups

Here is a relevant quote from the post:

Based on my testing, it seems that neither the client key nor the JavaScript key work properly through JavaScript rest interactions in the browser.

I went ahead and reported this as a Parse Bug:

https://developers.facebook.com/bugs/488204124680438

I believe that these keys should function correctly when used in browser requests without needing to rely on an SDK for support.

I recommend checking out my bug report. I still maintain that enabling these keys to function seamlessly with browser requests is the correct approach since they already work outside of the browser environment.

However, it seems like the issue is not being acknowledged or understood by Parse, as they continue to disable it only in the browser, despite it working fine on other platforms. It just doesn't add up.

In my case, I opted to utilize my JavaScript Key X-Parse-Javascript-Key (even though it is intended for use with their JavaScript SDK according to current documentation) as a successful substitute for X-Parse-Client-Key

When implementing the Parse Client Key in an Angular application, it may lead to encountering

Answer №1

Answer №2

Similar questions

How come I'm not receiving an error message when I enter an incorrect email or password?

What is the best method for freezing an HTML element in relation to a container using either CSS or JavaScript?

Show only the items in bootstrap-vue b-table when a filter is actively applied

Is it necessary for me to indicate that I need the password from results[0] when the MySQL query only returns one result?

Tips for incorporating a multimedia HTML/JavaScript application within C++ programming

What is the best way to import the three.js OBJLoader library into a Nuxt.js project without encountering the error message "Cannot use import statement outside a module

Unable to access external API through Jquery due to CORS error when making multipart formposts

A guide on including a class to a DOM element in Angular 6 without relying on Jquery

Exploring the capabilities of Serenity/Js for conducting tests with the protractor-Jasmine framework. Are there any specific features in Serenity that cater to

Creating operations in Angular using the Model View Controller (MVC)

Ways to achieve 8 columns in a single row using Javascript and Bootstrap

JavaScript function to evaluate true conditions

Choose the row based on the values in the columns

NPM: The registry cannot be found

Javascript function encountering difficulty accessing the 'this' variable

Run JavaScript code with Selenium WebDriver prior to calling get() in Java

Passing a variable between functions in JavaScript: Tips and tricks

Conceal the name of a property when displaying it

Tips for deploying a Nuxt application using an alternative command line interface

Finding the parent div in the handleChange function using React