0

For a school project, my mate and I are using a webpage using Microsoft Azure Video Indexer's API, since last week everything was working well but now I have this error every time.. I thought it was because of the new year because it stopped working the 1st of January. What is strange it's that the same snippet of code that worked don't work anymore. For example the sample proposed on the API's website for getting a token doesn't

<!DOCTYPE html>
<html>
<head>
    <title>JSSample</title>
    <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js"></script>
</head>
<body>

<script type="text/javascript">
    $(function() {
        var params = {
            // Request parameters
            "allowEdit": "False",
        };
      
        $.ajax({
            url: "https://api.videoindexer.ai/Auth/trial/Accounts/198UE0192/AccessToken?" + $.param(params),
            beforeSend: function(xhrObj){
                // Request headers
                xhrObj.setRequestHeader("x-ms-client-request-id","");
                xhrObj.setRequestHeader("Ocp-Apim-Subscription-Key","108D193J");
            },
            type: "GET",
            // Request body
            data: "{body}",
        })
        .done(function(data) {
            alert("success");
        })
        .fail(function() {
            alert("error");
        });
    });
</script>
</body>
</html
Samsoum41
  • 3
  • 1
  • The most probable reason is that your trial has expired. – Guy Incognito Jan 05 '21 at 12:03
  • I used only 30 minutes on the 2400 availables, but maybe its this. I tried to create another count, but i had the same kind of messages (Firefox) : "Blocage d’une requête multiorigines (Cross-Origin Request) : "la politique « Same Origin » ne permet pas de consulter la ressource distante située sur ... Raison : l’en-tête CORS « Access-Control-Allow-Origin » est manquant." :/ – Samsoum41 Jan 07 '21 at 12:57
  • Thats the error generated by the server that i cannot handshake with requests sent from browser. Check the documentation again, and watch for any changes recently or if new API is released. – Alaksandar Jesus Gene Jan 08 '21 at 13:43

2 Answers2

1

We have fixed the issue. you will get "access-control-allow-origin: *" header at the API responses.

your API key (Ocp-Apim-Subscription-Key) is private information, and you should not expose it at the client side.

you should generate access token from your web server using that key and use (send it at Authorization header) it with all your operations request.

please delete it from the example above as well.

oriziv
  • 54
  • 4
0

We are seeing the same issue with a previously working Angular app integration. Looks like the 'Access-Control-Allow-Origin: *' CORS header has been removed from the API response, which is required for direct web app integration without resorting to an API proxy.

Adam Duke
  • 11
  • 2
  • After contacting MS video indexer support they have fixed the issue and CORS headers are now being returned correctly. – Adam Duke Jan 10 '21 at 14:52