Unable to fetch data in webpage using http url in javascript. Error: Cross-Origin Request Blocked

vilassninawe

Hi,

I tried to fetch data for quote using below url from my webpage using javascript .

"https://api.kite.trade/instruments/NSE/INFY?api_key=xxx&access_token=yyy"

But I get below error.

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://api.kite.trade/instruments/NSE/INFY?api_key=xxxxx&access_token=yyyyyyyyyyyyyy. (Reason: CORS header 'Access-Control-Allow-Origin' missing).

Also, command given in developer page doesn't work when it is typed in linux terminal.

$ curl "https://api.kite.trade/instruments/NSE/INFY?api_key=xxx&access_token=yyy"

gives error {"status": "error", "message": "Missing access_token", "error_type": "InputException"}



It works only when I type it in firefox address bar.



How can I solve this problem.?

Below is the javascript used in my webpage:



var getInfo = function GetCustomerInfo()
{
var Url = "https://api.kite.trade/instruments/NSE/INFY?api_key=xxxxx&access_token=yyyyyyyyyyyyyy"

xmlHttp = null;
xmlHttp = new XMLHttpRequest();
xmlHttp.onreadystatechange = ProcessRequest;
xmlHttp.open( "GET", Url, true );
xmlHttp.send( null );
}

function ProcessRequest()
{
if ( xmlHttp.readyState == 4 && xmlHttp.status == 200 )
{
console.log( xmlHttp.responseText );
}
}

window.onload = getInfo;




Thanks.

Kailash

As the error suggests, cross origin requests are blocked. You cannot make these requests from a webpage (browser) as that'll mean you expose the access_token. You have to access the API using a server side program.