Community
Fusion API and Scripts
Got a new add-in to share? Need something specialized to be scripted? Ask questions or share what you’ve discovered with the community.
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

XMLHttpRequest - CORS with Origin is null

6 REPLIES 6
SOLVED
Reply
Message 1 of 7
AkumeiKent
1780 Views, 6 Replies

XMLHttpRequest - CORS with Origin is null

Greetings!

 

So I've been trying to create an JS action-script that uses Cross Origin Resource Sharing.  I am using an nginx server and have already created the appropriate headers in my nginx.conf file to allow "access-control-allow-origin: *".  However, when I call the script, I am getting a "access-control-allow-origin origin is null" issue.  Does anyone know what the origin is in Fusion 360?  I have an underlying suspicion that Fusion 360 might be calling from origin: File:///   but I am unsure.  Does anyone have any ideas or suggestions for what I should try out?

6 REPLIES 6
Message 2 of 7
KrisKaplan
in reply to: AkumeiKent

You can verify in the debugger console with 'location.origin' that the origin is indeed 'File://' as the script's html file is opened as a local file in the browser.

 

I'm not sure I have any great suggestions.  The standard ones would be to try JSONP instead.

Or to run your code from a local server instead of file.  You could do this by first running a local server (maybe a simple Python or Node server) to host your script files, and have your main Fusion script use something like "location.href = 'http://localhost:pornum/myscript.html'" to navigate the page to the local server hosted script which will give you a non-null origin.

Or you could do this in a Python script instead (using something like the 'requests' library) where there are no browser security issues.

 

Kris



Kris Kaplan
Message 3 of 7
AkumeiKent
in reply to: KrisKaplan

I noticed that the origin is indeed : File:// as it is getting called locally from the browser.

I might try the method that you mentioned of using location.href or take the Python approach.

I would take the JSONP approach but it would not allow me to perform a POST. I am trying to post data to a site via CORS. But I will look further into these two suggestions you have provided.

Does Python not have a preflight session when performing CORS related operations?
Message 4 of 7
KrisKaplan
in reply to: AkumeiKent

CORS is really a web browser specific security protocol.  It does not really apply to requests made outside of a browser's security context, such as from Python running in a desktop application like Fusion.  Of course, you would be free to preflight requests from Python if you wish by directly making the OPTIONS request and interpreting the Access-Control-* headers, but I don't see why you would ever want to do that.

 

Kris



Kris Kaplan
Message 5 of 7
AkumeiKent
in reply to: KrisKaplan

Oh, I am trying to use CORS so that I can use the script to both export the design as a STEP file and also send it to my site on another domain. Hence, I wanted to look into the options regarding posting a file.
Message 6 of 7
KrisKaplan
in reply to: AkumeiKent

CORS is a protocol to bypass the 'same origin' security restriction in web browsers.  A Python script is not bound by any such restrictions, so it would be free to make any direct requests (GET, POST, PUT, DELETE, etc...) without requiring any sort of CORS support by the server.

 

Kris



Kris Kaplan
Message 7 of 7
AkumeiKent
in reply to: KrisKaplan

Thanks Kris! I'll just use Python then 🙂 Thank you for your help!

Can't find what you're looking for? Ask the community or share your knowledge.

Post to forums  

Autodesk DevCon in Munich May 28-29th


Autodesk Design & Make Report