相关文章推荐
小百科  ›  CORS errors with file URLs - APIs - Bubble Forum
cors
帅呆的豌豆
1 月前

I am simply trying to create a file download link. The files are private, and uploaded via workflow API. I have tried two methods for downloading, both of which result in CORS errors. I believe this is because the download links are myapp.bubbleapps.io and the main page with the download button is my personal domain.

The two methods I have tried are:

  • This file downloader plugin https://bubble.io/plugin/file-downloader-1539124824422x194279356396994560
  • Running Javascript via workflow

    • Seems like something so basic shouldn’t require such gymnastics. Would be great to be able to customize a CORS policy too. Any help would be appreciated.

    That’s how CORS works. Replace myapp.bubbleapps.io with your custom domain when generating links, it should work. You can either do it once in a database or each time a link is generated for whatever action/element is using it.

    Upload API generates private links in a form /fileupload/some-uid/uuid.ext , i.e. omitting protocol and domain name. These links should generally work for any domain, but some plugins/elements don’t understand relative URLs. The question is why and when uploaded URLs are prepended with domain name. You should find that activity in your app and fix it.

    @vladimir.pak Thanks. I am creating the file via Workflow API. And perhaps I should attempt to call a different endpoint, or figure out what part of that workflow is creating the domain difference.

    I think I just assumed that Bubble would handle the CORS policy for file downloads.

    Basically, the plugin is a JS script client side. This won’t work until you have the same domain for file and app where you are using this action. This is a browser security.
    Which file extension? Why not just open the file url in a new browser window (if the extension is not handled by browser, this will trigger download automatically)?

    Oh for sure. I definitely understand CORS. There are two ways to solve in my mind.

  • Change file URL to be my domain. I didn’t realize I have control over the URL generated for file creation.
  • Adopt a CORS policy header for the server response to allow that origin for file download.

    • Sounds like general recommendation is the first option. I’ll have to give that a try.

    File extension is JSON. And it does need to be a downloaded json file.

    @Jici @tylerboodman @vladimir.pak Thank you for the help. Solved.

    So all I needed to do, was call the API workflow differently. Both appname.bubbleapps.io and customdomain.com are acceptable endpoints for calling the api/1.1/wf endpoint. But when submitting a file, the URL is derived from which hostname you have in your request.

    My external API was calling the bubbleapp domain, and thus the file URL was seen as cross domain when trying to access from customerdomain.com .

    Appreciate the help!

     
    推荐文章
    Link管理   ·   51好读   ·   Sov5搜索   ·   小百科
    小百科 - 百科知识指南