[openstreetmap/openstreetmap-website] Allow getting a GPX in the browser outside openstreetmap.org (Issue #5639)
Harel M
notifications at github.com
Mon Feb 10 08:27:21 UTC 2025
Here's an example of a call to get the data of one of my traces:
Running the following code in the browser console when surfing to https://israelhiking.osm.org.il/:
```js
fetch("https://api.openstreetmap.org/api/0.6/gpx/4192873/data").then(r => r.text()).then(console.log)
```
Which is expected, as this trace is not "fully public", and thus requires authentication.
When adding the OAath2 token as a header I get this:
```js
fetch("https://api.openstreetmap.org/api/0.6/gpx/4192873/data", { method: "GET", headers: {Authorization: "Bearer my-token-reducted"}}).then(r => r.text()).then(console.log)
```
I get the following error:
While there might not be a need to send preflight request, the browser does this anyway and thus prevents from getting the data right from the browser.
Is it possible to add CORS support for the relevant endpoint?
Am I doing something wrong?
--
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/issues/5639#issuecomment-2647253954
You are receiving this because you are subscribed to this thread.
Message ID: <openstreetmap/openstreetmap-website/issues/5639/2647253954 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20250210/e6364cc8/attachment-0001.htm>
More information about the rails-dev
mailing list