I have a client and a server. My workflow is as follows:
- The server uploads the snippet to YouTube with the v3 API and receives a renewable URL (Youtube v3 API for renewable downloads - https://developers.google.com/youtube/v3/guides/using_resumable_upload_protocol )
- This URL is sent from my server to the browser, where the browser makes an ajax PUT request to download the actual file to the renewable URL.
- Thus, the file is not transferred to the server, but is directly downloaded from the client.
As a result, I get an error and the file could not be uploaded.
XMLHttpRequest cannot load https://www.googleapis.com/upload/youtube/v3/videos?key=mydevkeyanduploadid.
No 'Access-Control-Allow-Origin' header is present on the requested resource.
Origin 'http://localhost:3000' is therefore not allowed access.
This is an ajax request:
var ajax = $.ajax({
url: options.url,
method: 'PUT',
crossDomain:true,
contentType: options.file.type,
headers: {
'Authorization': 'Bearer ' + options.accessToken,
'Content-Range': 'bytes ' + options.start + '-' + (options.file.size - 1) + '/' + options.file.size
},
processData: false,
data: options.file
});
The browser sends an OPTIONS request, which looks like this:
Remote Address:173.194.65.95:443
Request URL:https://www.googleapis.com/upload/youtube/v3/videos?key=mydevkey&part=snippet%2Cstatus&uploadType=resumable&upload_id=myuploadid
Request Method:OPTIONS
Status Code:200 OK
Request Headersview source
Accept:*/*
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8,es;q=0.6,pt;q=0.4,bg;q=0.2
Access-Control-Request-Headers:content-range, accept, authorization, content-type
Access-Control-Request-Method:PUT
Connection:keep-alive
Host:www.googleapis.com
Origin:http://localhost:3000
Referer:http://localhost:3000/episodes/0-do-you-know-your-enemy/preview
User-Agent:Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36
Query String Parametersview sourceview URL encoded
key:mydevkey
part:snippet,status
uploadType:resumable
upload_id: myuploadit-this one is long
Response Headersview source
Access-Control-Allow-Credentials:true
Access-Control-Allow-Headers:content-range, accept, authorization, content-type
Access-Control-Allow-Methods:PUT
Access-Control-Allow-Origin:http://localhost:3000
Alternate-Protocol:443:quic,p=0.02
Content-Length:0
Content-Type:text/html; charset=UTF-8
Date:Sun, 11 Jan 2015 13:56:11 GMT
Server:UploadServer ("Built on Dec 19 2014 10:24:45 (1419013485)")
,
Access-Control-Allow-Headers:content-range, accept, authorization, content-type
Access-Control-Allow-Methods:PUT
Access-Control-Allow-Origin:http://localhost:3000
, PUT URL-,
http:
OPTIONS PUT:
Request URL:https://www.googleapis.com/upload/youtube/v3/videos?key=mydevkey&part=snippet%2Cstatus&uploadType=resumable&upload_id=myuploadid
Request Headers CAUTION: Provisional headers are shown.
Accept:*/*
Authorization:Bearer thishereistheaccesstoken
Content-Range:bytes 0-21234/21235
Content-Type:application/x-www-form-urlencoded; charset=UTF-8
Origin:http://localhost:3000
Referer:http://localhost:3000/episodes/0-do-you-know-your-enemy/preview
User-Agent:Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36
Query String Parametersview sourceview URL encoded
key:mydevkey
part:snippet,status
uploadType:resumable
upload_id:myuploadid
,
Origin:http:
, PUT.
XMLHttpRequest cannot load https://www.googleapis.com/upload/youtube/v3/videos?key=mydevkeyanduploadid.
No 'Access-Control-Allow-Origin' header is present on the requested resource.
Origin 'http://localhost:3000' is therefore not allowed access.
"" Access-Control-Allow-Origin? ". " Access-Control-Allow-Origin" OPTIONS ?