CORS issue with file upload
I'm trying to do a CORS preflight to check whether the file I'm uploading is already in the folder before uploading it. And failing.
I've enabled CORS support for my app, got a developer token and I can do a full CORS-based file upload successfully without the preflight check.
The doUpload function below works successfully with CORS:
/** * @param token a valid oauth token * @param item a File * @param folderId the folder we're uploading to */ function doUpload(token, item, folderId) { var form = new FormData(); form.append('parent_id', folderId); form.append('file', item); $.ajax({ url: 'https://upload.box.com/api/2.0/files/content', headers: { 'Authorization': 'Bearer ' + token }, type: 'POST', cache: false, processData: false, contentType: false, data: form, complete: function (response) { console.log('doUpload response:', response); }, success: function (data) { console.log('Uploaded successfully'); }, error: function (error) { console.error('Upload failed :('); } }); }
...however, the doPreFlight function below fails:
/** * @param token a valid oauth token * @param item a File * @param folderId the folder we're uploading to */ function doPreFlight(token, item, folderId) { $.ajax({ url: 'https://upload.box.com/api/2.0/files/content', headers: { 'Authorization': 'Bearer ' + token }, type: 'OPTIONS', cache: false, processData: false, data: { name: item.name, parent: { id: folderId }, size: item.size }, complete: function (response) { console.log('doPreFlight response:', response); }, success: function (data) { doUpload(token, item, folderId); }, error: function (error) { console.error('Preflight failed :('); // if the file is already there, upload a new version - https://docs.box.com/reference#upload-a-new-version-of-a-file } }); }
It gives an error in browser console:
XMLHttpRequest cannot load https://upload.box.com/api/2.0/files/content. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:9010' is therefore not allowed access.
What's going on? How do I do the preflight separately?
Please sign in to leave a comment.
Comments
0 comments