Default docs use URLs with CORS problems
See original GitHub issueIn the official documentation, the suggested code for a “hello world” app is:
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<script src="http://cesium.com/downloads/cesiumjs/releases/1.62/Build/Cesium/Cesium.js"></script>
<link href="http://cesium.com/downloads/cesiumjs/releases/1.62/Build/Cesium/Widgets/widgets.css" rel="stylesheet">
</head>
<body>
<div id="cesiumContainer" style="width: 700px; height:400px"></div>
<script>
Cesium.Ion.defaultAccessToken = 'your_access_token';
var viewer = new Cesium.Viewer('cesiumContainer');
</script>
</body>
</html>
Notice though that http://cesium.com/downloads/cesiumjs/releases/1.62/Build/Cesium/Cesium.js
does not have proper CORS headers:
$ curl -sSL -D - "http://cesium.com/downloads/cesiumjs/releases/1.62/Build/Cesium/Cesium.js" -o /dev/null
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 11 Oct 2019 18:03:30 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
Location: https://cesium.com/downloads/cesiumjs/releases/1.62/Build/Cesium/Cesium.js
X-Cache: Redirect from cloudfront
Via: 1.1 77fcce204f96e329df7227f192690939.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MAD50-C1
X-Amz-Cf-Id: eSJ8d846PU3t1BThqsnruCL1wfiyFn2fW7XRT_C4CQixmrhWVtaaOA==
HTTP/2 200
content-type: application/javascript
content-length: 3012745
x-amz-id-2: krj8FP6W6r899+ObigTsB6j2dPwNwMQM19GrxLmh8E3C4EF6y8Ezu5ex563D5/lnNM1Nh//OWho=
x-amz-request-id: 36EF02C834F59443
date: Fri, 11 Oct 2019 18:03:24 GMT
cache-control: public, max-age=1800
last-modified: Mon, 07 Oct 2019 17:56:14 GMT
etag: "1f29f790a629e4346932199907e292a7"
server: AmazonS3
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 65c5c292982d6d8875d94812b2bfdf95.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: p-k4OWO3RlGs1Rvgzl7aDyEvBmxEMbIO5tEQXezpTDH7_7sm41PoEg==
(notice the 301 redirection from HTTP to HTTPS also)
As it was noted in https://github.com/AnalyticalGraphicsInc/cesium/issues/8050#issuecomment-519691044 (the most recent issue regarding CORS, although there are more), this URL should be used instead:
<script src="https://cesiumjs.org/releases/1.60/Build/Cesium/Cesium.js"></script>
And, in fact:
$ curl -sSL -D - "https://cesiumjs.org/releases/1.62/Build/Cesium/Cesium.js" -o /dev/null
HTTP/2 200
content-type: application/javascript
content-length: 3012745
x-amz-id-2: JVQz/mmYcOT4Y91uO/G+O4W1zEbmLwaCUoF+tTO8tpLrdtDaqbNOqlUG4ABUoUZiUWGnkErnrmM=
x-amz-request-id: 25E8648E40135A07
date: Fri, 11 Oct 2019 18:07:39 GMT
cache-control: public, max-age=1800
last-modified: Tue, 01 Oct 2019 15:40:29 GMT
etag: "1f29f790a629e4346932199907e292a7"
server: AmazonS3
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
x-cache: Miss from cloudfront
via: 1.1 0645caa18be2b3be5e4612d40f45a0ba.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: EW6J9w-rZDy_vguTJsH8sP0miu-4eOmnTlyhD_suPsjKiWHRVm0kIw==
This URL has proper access-control-allow-*
headers set up.
Edit: Use latest release for everything
Issue Analytics
- State:
- Created 4 years ago
- Comments:5 (3 by maintainers)
Top Results From Across the Web
Cross-Origin Resource Sharing (CORS) - MDN Web Docs
For example, XMLHttpRequest and the Fetch API follow the same-origin policy. This means that a web application using those APIs can only request ......
Read more >Fixing Common Problems with CORS and JavaScript
Tutorial: This post walks through troubleshooting and fixing common problems associated with calling REST APIs from JavaScript.
Read more >Understanding and Resolving CORS Error - Contentstack
This step-by-step guide explains how to resolve CORS error and best practices.
Read more >Authoritative guide to CORS (Cross-Origin Resource Sharing ...
An in-depth guide to Cross-Origin Resource Sharing (CORS) for REST APIs, on how CORS works, and common pitfalls especially around security.
Read more >Configuring CORS - Apollo GraphQL Docs
Why use CORS? ... Most developers know about CORS because they run into the all-too-common CORS error. CORS errors usually occur when you...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
@Juanlu001 this is fixed now. Thanks again for reporting this, and let us know if you have any other issues =)
@Juanlu001 the urls are changing soon and went live before they were ready. I reverted our Getting Started page to use the working, older urls. We’ll leave this open until the new ones are live and working.
Thanks again for reporting.