I did not sleep here for a day, so help me think.

There is a Vine player. He has api https://dev.twitter.com/web/vine/oembed . You can immediately see all the response headers here https://vine.co/oembed.json?id=5xJVBXAunrD

I need to get data from the client send a request

$.ajax({ url: 'https://vine.co/oembed.json?id=5xJVBXAunrD', dataType: "jsonp", contentType: "application/json", success: () => { console.log(arguments) }, }) 
 <script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js"></script>

I get in the face:

Refused to execute script from ' https://vine.co/oembed.json?id=5xJVBXAunrD&callback=jQuery211011806981946079831_1482419611704&_=1482419611705 ' because of its MIME type ('application / json') is not to run, you need to be an installer, you need to be in use, you need to click, you need to click, you need to click.

In general, as I understand it, because of the very strict correspondence, do I need to proxy all this “Good” ?

    2 answers 2

    The error occurs due to the fact that the service gives json, and dataType = jsonp.

    If the service allowed you to access yourself from various sites, it would be enough just to replace the dataType with json. But in this case, the service does not allow and the browser will give an error

    No 'Access-Control-Allow-Origin' header is present.

    As a solution, you can either make a request to your server and make a request from the server using it, or use one of the services, for example: https://cors-anywhere.herokuapp.com/

    Example:

     $.ajax({ url: 'https://cors-anywhere.herokuapp.com/https://vine.co/oembed.json?id=5xJVBXAunrD', dataType: "json", contentType: "application/json", success: data => { console.log(data) }, }); 
     .as-console-wrapper { top: 0; max-height: 100% !important; } 
     <script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js"></script>

    • Thank! by the way, the service gives jsonp normally, the current headers are not correct ... I don’t know, did they conceive it? Or, as always, they have done it ... - Andrew Soroka

    Try to replace the content type with Content-Type: application/javascript

    • Yes, the same will happen - Andrey Soroka