Datalink http GET post blocked by CORS policy

GRG

New member
Hi,
I am trying to use the HTTP GET request to update a Datalink tag in my TriCaster mini HD-4 Advanced Edition. I can run the request through the TriCaster web page but if an external request is sent to the TriCaster web address the Web Server has a security setting that blocks the external request response, I don’t think this is intended and I suspect the Tricaster web server has not configured CORS “Access-Control-Allow-Origin” or “Access-Control-Allow-Methods: POST, GET”.
I have run the GET via Javascript on an Apache server and also directly through a Python Script both on another machine which is on the same network as the TriCaster both methods have the same result.

Tricaster web response:
Access to XMLHttpRequest at 'http://MyTricaserIP/v1/datalink?key=key&value=value' from origin 'http://localhost' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Direct to Tricaster Web

Result
DataLink executed.

My aim is to update Datalink Tags frequently as I have constantly changing data to overlay.
 

GRG

New member
Hi,
No I still have the issue. I am interested that you had CORS only once.
My setup has:
Connected via cable to an NBN Router TriCaster Mini Advanced HD-4
Connected via WiFi to the same NBN Router My machine
My machine runs a web server.
When My webserver sends a JS GET request to the TriCaster I get blocked by CORS
My JS code snippet :
JavaScript:
self.xmlhttp = new XMLHttpRequest();
                self.xmlhttp.open("GET","http://MyTricasterIP/v1/datalink?key=key&value=value",true);
                self.xmlhttp.send();
                    if (self.xmlhttp.readyState==4 && self.xmlhttp.status==200)
                    {
                    document.getElementById(Instance).innerHTML=self.xmlhttp.responseText;
                    }

Bypassing the My machine web server gets the same result that is:
My Machine running Python from the shell
Python:
def DirectHTTPRequest():


    x = requests.get('http://MyTricasterIP/v1/datalink?key=key&value=value')
    text = print(x.status_code)


    return text
Returns blocked by CORS

placing "MyTricasterIP/v1/datalink?key=key&value=value" into the address bar of Chrome on My machine returns a successful Datalink execution.

All of this is exactly as described in CORS and is explained as a server side setting.
I thought this link explained it well.
https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS

Thanks for replying to my post.
 

kanep

NewTek SE
Turn off the LivePanel password and you will not be blocked by CORS if trying to communicate with the TriCaster when using another web server to host your files.
 

GRG

New member
Turn off the LivePanel password and you will not be blocked by CORS if trying to communicate with the TriCaster when using another web server to host your files.
Hi,
Thank you very much. Unchecking the Require password on the LivePanel password administrator setting has stopped the CORS block. happy days!

Didn't think I could have LivePanel on a mini HD-4 great if I can though.
 

kanep

NewTek SE
The LivePanel password adds authentication to the web server for API access control. It might be called 'LivePanel password', but really it is for anything that wants to provide HTTP control. If the web pages are located on the TriCaster server, then CORS would not be an issue, but when the primary domain is another web server, then CORS comes into play.

If you Mini is running AE3, then you can add LivePanel to it.
 

GRG

New member
The LivePanel password adds authentication to the web server for API access control. It might be called 'LivePanel password', but really it is for anything that wants to provide HTTP control. If the web pages are located on the TriCaster server, then CORS would not be an issue, but when the primary domain is another web server, then CORS comes into play.

If you Mini is running AE3, then you can add LivePanel to it.
Again thank you for your help, I have AE3 so looks like I can add LivePanel.
 
Top Bottom