Cesium: Default docs use URLs with CORS problems
In the official documentation, the suggested code for a "hello world" app is:
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<script src="http://cesium.com/downloads/cesiumjs/releases/1.62/Build/Cesium/Cesium.js"></script>
<link href="http://cesium.com/downloads/cesiumjs/releases/1.62/Build/Cesium/Widgets/widgets.css" rel="stylesheet">
</head>
<body>
<div id="cesiumContainer" style="width: 700px; height:400px"></div>
<script>
Cesium.Ion.defaultAccessToken = 'your_access_token';
var viewer = new Cesium.Viewer('cesiumContainer');
</script>
</body>
</html>
Notice though that http://cesium.com/downloads/cesiumjs/releases/1.62/Build/Cesium/Cesium.js does not have proper CORS headers:
$ curl -sSL -D - "http://cesium.com/downloads/cesiumjs/releases/1.62/Build/Cesium/Cesium.js" -o /dev/null
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 11 Oct 2019 18:03:30 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
Location: https://cesium.com/downloads/cesiumjs/releases/1.62/Build/Cesium/Cesium.js
X-Cache: Redirect from cloudfront
Via: 1.1 77fcce204f96e329df7227f192690939.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MAD50-C1
X-Amz-Cf-Id: eSJ8d846PU3t1BThqsnruCL1wfiyFn2fW7XRT_C4CQixmrhWVtaaOA==
HTTP/2 200
content-type: application/javascript
content-length: 3012745
x-amz-id-2: krj8FP6W6r899+ObigTsB6j2dPwNwMQM19GrxLmh8E3C4EF6y8Ezu5ex563D5/lnNM1Nh//OWho=
x-amz-request-id: 36EF02C834F59443
date: Fri, 11 Oct 2019 18:03:24 GMT
cache-control: public, max-age=1800
last-modified: Mon, 07 Oct 2019 17:56:14 GMT
etag: "1f29f790a629e4346932199907e292a7"
server: AmazonS3
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 65c5c292982d6d8875d94812b2bfdf95.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: p-k4OWO3RlGs1Rvgzl7aDyEvBmxEMbIO5tEQXezpTDH7_7sm41PoEg==
(notice the 301 redirection from HTTP to HTTPS also)
As it was noted in https://github.com/AnalyticalGraphicsInc/cesium/issues/8050#issuecomment-519691044 (the most recent issue regarding CORS, although there are more), this URL should be used instead:
<script src="https://cesiumjs.org/releases/1.60/Build/Cesium/Cesium.js"></script>
And, in fact:
$ curl -sSL -D - "https://cesiumjs.org/releases/1.62/Build/Cesium/Cesium.js" -o /dev/null
HTTP/2 200
content-type: application/javascript
content-length: 3012745
x-amz-id-2: JVQz/mmYcOT4Y91uO/G+O4W1zEbmLwaCUoF+tTO8tpLrdtDaqbNOqlUG4ABUoUZiUWGnkErnrmM=
x-amz-request-id: 25E8648E40135A07
date: Fri, 11 Oct 2019 18:07:39 GMT
cache-control: public, max-age=1800
last-modified: Tue, 01 Oct 2019 15:40:29 GMT
etag: "1f29f790a629e4346932199907e292a7"
server: AmazonS3
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
x-cache: Miss from cloudfront
via: 1.1 0645caa18be2b3be5e4612d40f45a0ba.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: EW6J9w-rZDy_vguTJsH8sP0miu-4eOmnTlyhD_suPsjKiWHRVm0kIw==
This URL has proper access-control-allow-* headers set up.
_Edit: Use latest release for everything_
astrojuanlu
All 5 comments
Thank you for reporting this @Juanlu001
We will enable CORS for that directory
hpinkos
on 11 Oct 2019
@Juanlu001 the urls are changing soon and went live before they were ready. I reverted our Getting Started page to use the working, older urls. We'll leave this open until the new ones are live and working.
Thanks again for reporting.
mramato
on 12 Oct 2019
@Juanlu001 this is fixed now. Thanks again for reporting this, and let us know if you have any other issues =)
hpinkos
on 15 Oct 2019
@mramato @hpinkos I think this was fixed for a period of time, but I just observed that:
- The docs again have the
cesium.com/downloads/cesiumjsurls - The
cesium.com/downloads/cesiumjsurls still don't have proper CORS headers:
juanlu@voyager:~$ curl -sSL -D - "https://cesium.com/downloads/cesiumjs/releases/1.62/Build/Cesium/Cesium.js" -o /dev/null | grep accept
juanlu@voyager:~$
- The old urls have proper CORS headers... but now redirect to the new ones!
$ curl -sSL -D - "https://cesiumjs.org/releases/1.62/Build/Cesium/Cesium.js" -o /dev/null
HTTP/2 301
content-length: 0
location: https://cesium.com/downloads/cesiumjs/releases/1.62/Build/Cesium/Cesium.js
server: CloudFront
date: Thu, 17 Oct 2019 14:27:31 GMT
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
x-cache: LambdaGeneratedResponse from cloudfront
via: 1.1 ad36d996c1f3caece74d54a2883d32dc.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-C1
x-amz-cf-id: ASJwNHg9DRJfnM9VMh9t8doNzRUdRs6v12DTTceH5QoGzp5nlwBl0g==
HTTP/2 200
content-type: application/javascript
content-length: 3012745
x-amz-id-2: eK77EmoVGW6UVbCJqZw1APJAXC/UPIkwqEbfI4Hi1mfg0/Qkp8R6tFf4qlK1QPResjQRHoakbVQ=
x-amz-request-id: FBF99BC1CC62A02F
date: Thu, 17 Oct 2019 14:23:33 GMT
cache-control: public, max-age=1800
last-modified: Mon, 07 Oct 2019 17:56:14 GMT
etag: "1f29f790a629e4346932199907e292a7"
server: AmazonS3
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0796a6c563c088b84cdd717dd915878d.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C1
x-amz-cf-id: yfla_3-FVz6tK_G8gQ8jS8sewHViWPaD2-qttl7qtTUKEF9Mdokr1A==
Therefore, I am observing CORS errors in my app and again doesn't show anything.
astrojuanlu
on 17 Oct 2019
Sorry, I see this is being tracked in https://github.com/AnalyticalGraphicsInc/cesium/issues/8286.
astrojuanlu
on 17 Oct 2019
Related issues
pjcozzi
路
4Comments
pjcozzi
路
4Comments
hpinkos
路
4Comments
worlddai
路
3Comments
hanbollar
路
4Comments
Most helpful comment
@Juanlu001 this is fixed now. Thanks again for reporting this, and let us know if you have any other issues =)