CORS problem
Closed this issue · 19 comments
I've a CORS problem with your endPoint api.php
Any solution ?
@amilamen This is not a problem with the library per se. CORS is exactly about this - you can't do cross-host calls unless explicitly enabled on the backend side. In this case "localhost" does not match "coinpayments.net". You need to adjust your CORS settings, which I don't think this library has anything in common with.
Also api.php is clearly a PHP endpoint, while this is a Node.js library.
@kibertoad I use your Node.js library and I've faced on this issue.
Try to test it.
Your Node.js library calls your API which is written in PHP.
@OrahKokos Can you check this? I wonder if coinpayments changed CORS configuration on their end.
When I call this method client.createTransaction(options), I've CORS error.
I have CORS error too when use client.rates()
@kibertoad @amilamen @OrahKokos I tried to make a request through postman copying and importing the same request that seemed to be wrong, however here I had no problem, the result was as expected, status 200, with the same result of the Alt Coin prices
Therefore I conclude that what is failing at the moment is the package, because I can make successful requests through postman
I also tried the API to create a transaction and got a successful response
Edit:
After documenting myself a bit more, I see that postman does not count as a browser so CORS does not apply, and this can only be solved from the backend.
I conclude with it by manually using fetch and axios, without getting a successful response from the API
@omarbastos it is correct !
@amilamen @omarbastos Greetings friends.
As tradition I have to state again: This is a community module, none of the contributors are related with the company Coinpayments. So there is no OUR api, we just maintain the API wrapper.
I've just tested the lib from source and testing from npm dist, did not encounter this error.
It could have been a hiccup from coinpayments server, please try again and let us know if it works.
If this ticket is not updated it will be closed as it seems unrelated with the lib.
Thank you for reply @OrahKokos !
The CORS error is always present.
@amilamen Could you please explain how are you using the lib in order to get this error, since i cannot reproduce.
I can see that the error you have supplied in the ticket, seems like a (visually) browser error, could you eleborate?
What's the fix? The issue comes when used directly with browser
@qalqi in my case I chose to make an API with firebase cloud functions and node, the request goes from server to server and it works very well, from the browser I couldn't use it
@omarbastos @qalqi @amilamen Aha i see.
This lib is not supposed to be used from the frontend.
In more general terms this lib is a payment provider (payment gateway), which is a very backend thing.
Also providing your credentials to the client is probably not a good idea :D
However, before closing, let me bring something to your attention ( the appropriate direction for FE ):
https://www.coinpayments.net/merchant-tools
If you take a look at that page you can see that there are multiple tools to integrate with coinpayments.
This lib covers the API/IPN part. But the UI components are separate (based on App key and not on secrets).
I'd suggest to scout the web and find UI implementations, if non exist, well you have to make it then.
My $0.02
Earlier coinpayments payments package was working within a browser.
Please add doesn't support the browser to Readme or something.
I have migrated to firebase cloud functions too and working fine.
@qalqi @amilamen Understand the frustration. Never added explicitly that this is a backend lib that is true, but here is the kicker.
Using this in FE SHOULD HAVE ALWAYS blocked you from doing this. The problem with "We used it before and now its no longer working" has a lot more to do with the company and the digital product that is coinpayments.
AKA: They just introduced CORS on their server recently and this is why it no longer works for you.
Why dident they have CORS on their server in the first place? Well... probably the same answer as "Why does their endpoint publicly end with .php?" .
Not to bash only coinpayments with their shity server, as engineers you need to understand that supplying credentials to clients is very easy way to lose all your crypto ( or someone elses ). Lesson lived, lesson learned.
Let not beat this ticket up anymore as its out of scope.
Happy new year and all the best.
@qalqi @amilamen Understand the frustration. Never added explicitly that this is a backend lib that is true, but here is the kicker.
Using this in FE SHOULD HAVE ALWAYS blocked you from doing this. The problem with "We used it before and now its no longer working" has a lot more to do with the company and the digital product that is coinpayments.
AKA: They just introduced CORS on their server recently and this is why it no longer works for you.
Why dident they have CORS on their server in the first place? Well... probably the same answer as "Why does their endpoint publicly end with .php?" .Not to bash only coinpayments with their shity server, as engineers you need to understand that supplying credentials to clients is very easy way to lose all your crypto ( or someone elses ). Lesson lived, lesson learned.
Let not beat this ticket up anymore as its out of scope.
Happy new year and all the best.
I totally agree with you, for me it was frustrating at first, but I learned this good practice of never leaving my credentials in the client, even though I use a framework like vue is not recommended, I preferred to make an API with the cloud functions of firebase and it worked perfectly, I think even better than before