I would like to automate some tasks in my work. That means for example instead of time consuming logging in RT, searching for particular ticket I would like to update it from simple HTML form with help of JavaScript (that's the only tool I have right now).
the domains looks like this:
mydomain.example.io
and
RTdomain.example.io
example code:
var url = "https://RTdomain.example.io/REST/1.0/ticket/1065/edit?user=guest&pass=guest";
var xhr = new XMLHttpRequest();
xhr.open("POST", url, true);
xhr.setRequestHeader('Content-Type', 'text/html');
xhr.send(JSON.stringify({
content: "Content: asdf"
}));
As you probably can tell right away, the browser doesn't want to let me call POST because of No 'Access-Control-Allow-Origin' header.
Is there a way I can edit a ticket without CORS and without interfering with RT server?
What I do have is an RT account and security access token tied with it if it helps. I also can't turn off browser cross-origin security.
on Wikipedia XMLHttpRequest one can read that:
The CORS protocol has several restrictions, with two models of support. The simple model does not allow setting custom request headers and omits cookies. Further, only the HEAD, GET and POST request methods are supported, and POST only allows the following MIME types: "text/plain", "application/x-www-urlencoded" and "multipart/form-data". Only "text/plain" was initially supported. The other model detects when one of the non-simple features are requested and sends a pre-flight request to the server to negotiate the feature.
So how can I understand this? Can I make POST with text/plain data type without pre-flight check?
I am sorry if I sound like total noob but I read quite a few things regarding this topic and the only thing it made me is just more confused. I don't have much experience with apis, I've done only one android app which works with GitHub api, and dealing with it with javascript is a headache for me.
This is their API wiki: RT wiki Anyone have a concise solution to this? Thank you.
