question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Default docs use URLs with CORS problems

See original GitHub issue

In the official documentation, the suggested code for a “hello world” app is:

<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="utf-8">
  <script src="http://cesium.com/downloads/cesiumjs/releases/1.62/Build/Cesium/Cesium.js"></script>
  <link href="http://cesium.com/downloads/cesiumjs/releases/1.62/Build/Cesium/Widgets/widgets.css" rel="stylesheet">
</head>
<body>
  <div id="cesiumContainer" style="width: 700px; height:400px"></div>
  <script>
    Cesium.Ion.defaultAccessToken = 'your_access_token';
    var viewer = new Cesium.Viewer('cesiumContainer');
  </script>
</body>
</html>

Notice though that http://cesium.com/downloads/cesiumjs/releases/1.62/Build/Cesium/Cesium.js does not have proper CORS headers:

$ curl -sSL -D - "http://cesium.com/downloads/cesiumjs/releases/1.62/Build/Cesium/Cesium.js" -o /dev/null
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Fri, 11 Oct 2019 18:03:30 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
Location: https://cesium.com/downloads/cesiumjs/releases/1.62/Build/Cesium/Cesium.js
X-Cache: Redirect from cloudfront
Via: 1.1 77fcce204f96e329df7227f192690939.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MAD50-C1
X-Amz-Cf-Id: eSJ8d846PU3t1BThqsnruCL1wfiyFn2fW7XRT_C4CQixmrhWVtaaOA==

HTTP/2 200 
content-type: application/javascript
content-length: 3012745
x-amz-id-2: krj8FP6W6r899+ObigTsB6j2dPwNwMQM19GrxLmh8E3C4EF6y8Ezu5ex563D5/lnNM1Nh//OWho=
x-amz-request-id: 36EF02C834F59443
date: Fri, 11 Oct 2019 18:03:24 GMT
cache-control: public, max-age=1800
last-modified: Mon, 07 Oct 2019 17:56:14 GMT
etag: "1f29f790a629e4346932199907e292a7"
server: AmazonS3
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 65c5c292982d6d8875d94812b2bfdf95.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: p-k4OWO3RlGs1Rvgzl7aDyEvBmxEMbIO5tEQXezpTDH7_7sm41PoEg==

(notice the 301 redirection from HTTP to HTTPS also)

As it was noted in https://github.com/AnalyticalGraphicsInc/cesium/issues/8050#issuecomment-519691044 (the most recent issue regarding CORS, although there are more), this URL should be used instead:

<script src="https://cesiumjs.org/releases/1.60/Build/Cesium/Cesium.js"></script>

And, in fact:

$ curl -sSL -D - "https://cesiumjs.org/releases/1.62/Build/Cesium/Cesium.js" -o /dev/null
HTTP/2 200 
content-type: application/javascript
content-length: 3012745
x-amz-id-2: JVQz/mmYcOT4Y91uO/G+O4W1zEbmLwaCUoF+tTO8tpLrdtDaqbNOqlUG4ABUoUZiUWGnkErnrmM=
x-amz-request-id: 25E8648E40135A07
date: Fri, 11 Oct 2019 18:07:39 GMT
cache-control: public, max-age=1800
last-modified: Tue, 01 Oct 2019 15:40:29 GMT
etag: "1f29f790a629e4346932199907e292a7"
server: AmazonS3
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
x-cache: Miss from cloudfront
via: 1.1 0645caa18be2b3be5e4612d40f45a0ba.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: EW6J9w-rZDy_vguTJsH8sP0miu-4eOmnTlyhD_suPsjKiWHRVm0kIw==

This URL has proper access-control-allow-* headers set up.

Edit: Use latest release for everything

Issue Analytics

  • State:closed
  • Created 4 years ago
  • Comments:5 (3 by maintainers)

github_iconTop GitHub Comments

2reactions
hpinkoscommented, Oct 15, 2019

@Juanlu001 this is fixed now. Thanks again for reporting this, and let us know if you have any other issues =)

1reaction
mramatocommented, Oct 12, 2019

@Juanlu001 the urls are changing soon and went live before they were ready. I reverted our Getting Started page to use the working, older urls. We’ll leave this open until the new ones are live and working.

Thanks again for reporting.

Read more comments on GitHub >

github_iconTop Results From Across the Web

Cross-Origin Resource Sharing (CORS) - MDN Web Docs
For example, XMLHttpRequest and the Fetch API follow the same-origin policy. This means that a web application using those APIs can only request ......
Read more >
Fixing Common Problems with CORS and JavaScript
Tutorial: This post walks through troubleshooting and fixing common problems associated with calling REST APIs from JavaScript.
Read more >
Understanding and Resolving CORS Error - Contentstack
This step-by-step guide explains how to resolve CORS error and best practices.
Read more >
Authoritative guide to CORS (Cross-Origin Resource Sharing ...
An in-depth guide to Cross-Origin Resource Sharing (CORS) for REST APIs, on how CORS works, and common pitfalls especially around security.
Read more >
Configuring CORS - Apollo GraphQL Docs
Why use CORS? ... Most developers know about CORS because they run into the all-too-common CORS error. CORS errors usually occur when you...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found