I am calling a POST API for OAuth authentication which is blocked by the google chrome browser, looks like the issue is of site isolation/CORB.
While the same request is being properly at the network level (checked in fiddler and postman).
Question
CORS/CORB/Site Isolation issue in an API call
Anyone solved this? I am unable to use the OATH method for Figma API because of CORS. Is there something I can do to fix this? I am using https with my server and still no luck. I thought you could connect to an API outside of you server and not get the CORS error.
1 person likes this
Any update on this?
Nope :(. Nothing that I have seen. Still a problem.
Hey, sorry to hear y’all are blocked by this. Can we get a screenshot of the chrome warning and/or some steps to reproduce?
Here is what it looks like for me even though I enabled CORS headers on the server 😦
Are you trying to use this inside of the plugin window? This isn’t possible as the plugin iframe always has the null origin. Here is how you are supposed to do this:
figma.com
Nope, I am using it with a VueJS application using axios. I tried doing headers on my web server and tried using proxies, but nothing has worked.
Can you show the full request code?
What code are you asking for? You want to see my code that calls the API? It is a simple axios get call.
async fetchComments() {
console.log(‘fetching comments’);
this.loading = true;
try {
const headers = {
Authorization: 'Bearer ’ + this.txtApiKey,
};
const res = await axios.get(‘https://api.figma.com/v1/files/’ + this.ddFiles + ‘/comments’, {
headers,
});
this.figmaComments = res.data.comments;
// Set chose file in local storage. To be used later when we want to show file information on the home page.
localStorage.setItem('ddFiles', this.ddFiles);
// Close the modal after selecting the file to see comments for.
let modalToClose: any = this.$refs.closeSetFigmaCredentials;
modalToClose.click();
} catch (error) {
this.errorMessage = 'An error has occured whle loading the comments.';
} finally {
this.loading = false;
}
},
I am still facing this issue. I am making a web page that brings up all of my file’s comments. When I do this, using the Figma API, it, of course, considers that CORS and blocks it in my browser unless I start the browser in no security mode. Is there a way to make a call to the Figma API from a website (different domain) without getting the CORS issue? Is there a proxy or other mechanism that I can use to bypass this? @jak_e you asked me about it but I didn’t see a response.
Anyone know how to solve this? Still cannot use my website to retrieve comments from the Figma API without opening the browser with CORS disabled.
Reply
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.