You need to sign in to do that
Don't have an account?
Eric Delgado
loading REST API returns 200 OK, but no data is returned
Hi,
I am new to SF REST API. I am trying to create an angular app and retrieve data from salesforce rest api with SF OAuth authentication. I get the bearer access token after authentication and have set it in the header for the api request. However, everytime I made a $http.get from angular, I get no data. The dev tool console shows this error:
XMLHttpRequest cannot load https://na34.salesforce.com/services/data. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access.
However, when I look at the network tab in chrome dev tool, I see the status was 200 OK. I tested the request from fiddler and postman and I am able to get the data without problem. I also added my localhost:8080 to whitelist in CORS from the SF. Any idea what I am missing? Thanks!
I am new to SF REST API. I am trying to create an angular app and retrieve data from salesforce rest api with SF OAuth authentication. I get the bearer access token after authentication and have set it in the header for the api request. However, everytime I made a $http.get from angular, I get no data. The dev tool console shows this error:
XMLHttpRequest cannot load https://na34.salesforce.com/services/data. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access.
However, when I look at the network tab in chrome dev tool, I see the status was 200 OK. I tested the request from fiddler and postman and I am able to get the data without problem. I also added my localhost:8080 to whitelist in CORS from the SF. Any idea what I am missing? Thanks!
I would suggest that if you guys were in it for the long haul and intend to develop as agile as possible then you can throw your content up on any server quickly. This will save you months of pain if you can retrieve content from and fully validate your requests. Amazon AWS can can set up in a relatively short time that you can host your code from (free for a year?).
If the content is short and sweet and you only have one call to ever make (say for a small retrievable of newest Opp for example) then I would suggest you can eyeball it... but again best practices will get you further than malpractices.
The only other way is to possibly have a service that retrieves that data for you (may already be built) and then you retrieve that from there. Again, this violates a lot of the principles behind CORS and you really should just get a server :)
All Answers
https://developer.salesforce.com/docs/atlas.en-us.chatterapi.meta/chatterapi/extend_code_cors.htm
It also could be caused by a browser. Are you using Chrome?
Thanks for your reply. I already added my localhost to CORS whitelist. I tested it on Chrome and IE, and both giving me similar errors. I also tested out with https protocol on localhost, but no luck. Any idea what I am missing? Thanks!
Accept all incoming requests from the origin: https://localhost:8080
This translates to
Accept all incoming requests from yourself coming from the port 8080
What you really want is for your website that accesses this REST api to retrieve it via a publicly available server ip or dns that can access. Remember, you're telling Salesforce what IPs are applicable, if you say localhost or 127.0.0.1 then you're saying accept all requests from the Salesforce home server. If don't have a publicly available server you may need to look into that seperately.
Hope that helps!
Eventually this will be hosted on a web server, but for development we need to be able to work on it locally. Do you have any suggestion for a better approach we can do? Thanks!
read this article below. Maybe suggestions there would help oyu
https://developer.salesforce.com/blogs/developer-relations/2015/01/spring-15-preview-cors-force-com-rest-api.html.
try hosting oyur app on heorku to test it
I would suggest that if you guys were in it for the long haul and intend to develop as agile as possible then you can throw your content up on any server quickly. This will save you months of pain if you can retrieve content from and fully validate your requests. Amazon AWS can can set up in a relatively short time that you can host your code from (free for a year?).
If the content is short and sweet and you only have one call to ever make (say for a small retrievable of newest Opp for example) then I would suggest you can eyeball it... but again best practices will get you further than malpractices.
The only other way is to possibly have a service that retrieves that data for you (may already be built) and then you retrieve that from there. Again, this violates a lot of the principles behind CORS and you really should just get a server :)