Hoppscotch: GET on my Glitch API doesn't work
Describe the bug
A simple GET request on http://aashutoshrathi.glitch.me/api/self/gh gives the error
To Reproduce
Steps to reproduce the behavior:
- Go to https://liyasthomas.github.io/postwoman/
- Select Method as "GET"
- URL as
http://aashutoshrathi.glitch.me - And Path as
/api/self/gh - Then send a request.
Expected behavior
It should result in response same as http://aashutoshrathi.glitch.me/api/self/gh
Screenshots
aashutoshrathi
All 4 comments
Use https:// instead of http://.
Here is a screenshot from when I ran it using https://:
Here is a comment about http not working right now: link to comment
striebwj
on 22 Aug 2019
Possible duplicate of #2.
CORS is a server side security policy feature which blocks API calls from any non-HTTPS requests.
liyasthomas
on 23 Aug 2019
I think I should close it then.
aashutoshrathi
on 24 Aug 2019
This is not a CORS issue, but rather a Mixed Content issue. An XMLHttpRequest or fetch() request is considered "active content"; "mixed active content" such as a XMLHttpRequest or fetch() to an http:// URL from an https:// URL has been blocked by default since Firefox 23 and is also blocked by Chrome.
In this case, both URLs provide the same CORS headers:
< access-control-allow-origin: *
< access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
Also, CORS does not block cross-origin requests: the same-origin policy prevents them by default, and CORS headers can be used to opt-in to allowing them.
jamesscottbrown
on 28 Aug 2019
Related issues
jgroom33
路
5Comments
liyasthomas
路
4Comments
wafeishushu
路
3Comments
AtomicNicos
路
3Comments
edisonaugusthy
路
5Comments
Most helpful comment
Use https:// instead of http://.
Here is a screenshot from when I ran it using https://:
Here is a comment about http not working right now: link to comment