FUCK CORS FUCK FUCK FUCK FUCK

UPDATE 12-8-2016 My girlfriend is tooting up a storm tonight AND I JUST MASTERED CORS.

ONE OF THE MOST FUCKED UP THINGS ABOUT CORS is postman and curl. THEY ARE GREAT TOOLS, but they can fuck up an unsuspecting cowboy coder. SO LETS SAY YOU’RE JUST DOING YOU BEST AS A COWBOY CODER, TRYING TO GET SOME INTERACTION WITH AN API. You decide to be a gentleman and buy the API a jack and coke in hopes of getting into the API’s pants, but you end up going home alone. So you decide, I’m gonna use postman to make this request. The postman is like your wingman, helpin you get it on with that API. And after a little while you make a successful request to the API with postman, it works, YOU’RE EXCITED. ONLY ONE MORE STEP, LET’S AJAXIFY THIS MOTHER FUCKER (that’s like takin the girl home for the night)!!!! Then you decide to embark on making the postman request into an ajax request. You add jquery to your site and fucking finally get the pieces transfered over and all of a sudden, you send off a request you KNOW SHOULD FUCKING WORK. YOU’VE WORKED SO HARD, MATCHED EVERY period, letter to the T of your postman request. YOU KNOW YOU DIDN’T FUCK IT UP. However, you receive THE FUCKING ERROR… THE NEMESIS ERROR… IT LOOKS LIKE THIS…

See, CORS is a bitch. POSTMAN is a FUCKER, POSTMAN TRIED TO HELP, BUT FAILED. CORS IS A FUCKER too. but… as luck would have it… POSTMAN AND CORS ARE FRIENDS, they just duped you. When postman makes a request, it goes off to CORS’ house. CORS says, oh fuck, hey postman, how you doin? you want a beer? While you’re here, here is all that data you requested. Really glad you came by. HOWEVER, when you do it from AJAX… CORS looks at ajax and SAYS WHOA WHOA WHOA MOTHER FUCKER WHO IS THAT AT MY DOOR? ARE YOU ON THE GUEST LIST? NO…It’s those fucking ja-hova whitnesses again… GET THE FUCK OUT MY HOUSE. I AIN’T GIVING YOU SHIT, YOU WANT DATA? FCK YOU. IN FACT, NEVER COME BACK. But we stubborn little whitnesses, so we keep on a fucking knocking. We try EVERY FUCKING OPTION to get that AJAX request to work… all without understanding the underlying problem… CORS is a Bitch until you completely understand it. CORS is a A COMPLETE FUCKING ASS. CORS WILL ONLY LET YOU IN HIS HOUSE if you’re on the invited LIST. So it’s time to toss your tie and white shirt into the trash and try to become CORS’ FRIEND.

Anyways… I only run into cors problems when I’m building the service that contacts the API. That’s the thing that does the AJAX.

CORS. FUCK YOU CORS.

AND NOW I INTRODUCE THE TWO FUNDAMENTAL WORDS WHEN IT COMES TO CORS. Origin and Resource. WHEN YOU LOOK VERY CLOSELY AT THE nemesis error message,,, You’ll see both words are mentioned.

I made the ajax request from www.clashprogress.com. ======= ORIGIN

I requested information from www.reverbnation.com ========== RESOURCE

It’s like buying weed. The guy with all the weed is the resource. In this case, the thing with all the data we want is the resource. Just like buying drugs.

So we can see from the NEMESIS ERROR, No Access-Control-Allow-Origin header is present on the requested RESOURCE. That means ReverbNation is the one fucking us up. So when you google this error on stack overflow AND get mostly SHIT ANSWERS.

http://stackoverflow.com/questions/20035101/no-access-control-allow-origin-header-is-present-on-the-requested-resource http://stackoverflow.com/questions/20433655/no-access-control-allow-origin-header-is-present-on-the-requested-resource-or

COMPLETE CRAP.

But you need to ask yourself, do I also have control of the resource (the server)? IF NO, YOU’RE FUCKED. Or maybe not. You could use jsonp. Jsonp only works for get requests, not post request. So most likely you’re fucked.

IF YES, then you can follow some of the answers in those stack overflow answers. BUT SOMETIMES, you don’t have control of that resource.

SO WHEN YOU DO A POST REQUEST with AJAX (jquery) AND YOU ARE SENDING JSON, and EXPECTING TEXT back. Here’s how it will look. Take a deep look at contentType and dataType

$.post({
  url: "http://www.someshitapi.com",
  data: {
    mood: "tired",
    isCorsAFuck: true
  },
  contentType: "application/json", // <-- what I'm sending to the server
  dataType: "text", // <-- what I think will come back from the server
  success: function(data) {
    console.log("Your request probably failed");
  },
  error: function(data) {
    console.log("Not Surprised");
  }
})

I send information to the server, the server sends shit back. We expect “text” back because of what we specified in dataType.

jsonp

jsonp and CORS are friends. They worked out an agreement to be friends. That means he gets let in at the front door when you knock.

$.get({
  url: "http://www.someshitapi.com",
  dataType: "jsonp"
})

EVEN IF CORS IS BLOCKING YOUR NORMAL AJAX REQUEST, jsonp can get you through the door. It’s a good last-ditch effort.

LAST RESORT

The last resort, when all else fails, YOU GOTTA BUILD YOUR OWN INTERMEDIARY SERVER. YES. FIRE UP A RAILS APP. ADD THE CORS HEADERS IN ALL THE RIGHT PLACES (not easy), THEN send your request to the RAILS APP, then send the request to the API. SOMEHOW, CORS DOESN’T GIVE A FUCK ABOUT THAT. He’s like ohhhhh fuck, it’s HTTParty!!!! GOAWD DAMN LET’S GET DRUUUUUNK.

FUCK YOU CORS…

UPDATE 10-13-2016 FUCK YOU AGAIN CORS. THIS IS MY DIARY TO CORS. FUCK YOU CORS.

TODAY HERE IS HOW CORS FUCKED ME.

XMLHttpRequest cannot load localhost:4000/api/searches. Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-extension, https, chrome-extension-resource.

That was the error from the console. MY PROBLEM?

$.post({
  url: "localhost:4000/api/searches",
})

I WAS MISSING THE FUCKING HTTP ON THE FRONT OF THE URL. YOU FUCKING ASSHOLE CORSYCUNTS

Fix:

$.post({
  url: "http://localhost:4000/api/searches",
})

FUCK YOU ONCE AGAIN CORS.

END 10-13-2016 UPDATE FUCK YOU CORS.

UPDATE 07-21-2016

IF THERE IS ON THING I HATE ABOUT CODING IT IS CORS. FUCK CORS FUUUUUUUUUUUUCK YOU CORS I FUCKING REALLY HATE YOU CORS.

FUCK CORS FUCK YOU FUUUUUUUUUUCKING A I HATE CORS.

I CANT EVEN BEGIN TO EXPLAIN HOW MUCH I FUCKING HATE CORS.

FUCK CORS.

FUCK CORS WHEN YOU SAY MY REQUEST ISNT ALLOWED AND I FUCKING ALLOWED IT.

FUCK YOU CORS.

So it ended up not being a cors issue. FUCK YOU GOOGLE CHROME FOR YOUR HORRIBLE MESSAGE. But what I can I expect? It wasn’t wrong what google chrome told me, there really was a cors issue. The issue was that I had another server running, even though I had a closed all of them (or so I thouht). A hint should have bene that I had another server running when I made a request AND the request didn’t hit the server I had running in my terminal.

lsof -i:3000

Find all instances of servers running

kill -9 97438

Kill an instance of a running server

Post Content