上传到 YouTube API 时缺少“Access-Control-Allow-Origin" [英] ‘Access-Control-Allow-Origin’ missing when uploading to YouTube API
问题描述
多年来,我们一直使用一些自定义 JavaScript 代码通过 YouTube API 成功上传视频.该代码基于 Google (cors_upload.js) 提供的一些示例.这不是我们经常使用的东西,只是每两周一次.
For several years we have successfully been uploading videos via the YouTube API using some custom JavaScript code. The code was based on some samples provided by Google (cors_upload.js). It's not something we use a lot, just every couple of weeks.
几周前一切正常,但我注意到最近一切都停止了.我们登录很好,我们很好地获取了频道信息.但是当我们开始上传(通过 XHR POST 发生)时,我们会收到一个 CORS 错误:
Things were working fine a couple weeks ago, but it has come to my attention that things recently stopped working. We login fine, we obtain the channel info fine. But when we start the upload (which happens via XHR POST), we are getting a CORS error:
跨源请求被阻止:同源策略不允许读取 https://www.googleapis.com/upload/youtube/v3/videos?part=snippet%2Cstatus&uploadType=resumable.(原因:缺少 CORS 标头Access-Control-Allow-Origin").
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://www.googleapis.com/upload/youtube/v3/videos?part=snippet%2Cstatus&uploadType=resumable. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).
但我们没有更改代码或服务器上的任何内容,看起来我们正在执行 Google 记录的所有必要操作,以使其服务响应所需的 CORS 标头.
But we haven't changed anything in our code or on our server and it appears as if we are doing all the things necessary as documented by Google to have their service respond with the required CORS headers.
根据开发控制台,XHR 请求实际上产生了 2 个网络请求.首先我看到一个选项":
According to the dev console, the XHR request actually generates 2 network requests. First I see an "OPTIONS":
Request URL:https://www.googleapis.com/upload/youtube/v3/videos?part=snippet%2Cstatus&uploadType=resumable
Request Method:OPTIONS
Remote Address:172.217.9.42:443
这实际上确实返回了我期望的access-control-allow-origin"标头.但是,紧随其后的是POST"请求:
This actually DOES return the "access-control-allow-origin" header that I expect. However, this is immediately followed by the "POST" request:
Request URL:https://www.googleapis.com/upload/youtube/v3/videos?part=snippet%2Cstatus&uploadType=resumable
Request Method:POST
Remote Address:172.217.9.42:443
根据开发控制台,它没有设置access-control-allow-origin"标头.所以,我明白为什么我的浏览器拒绝了.谷歌似乎破坏了一些东西.
And according to the dev console, it does NOT have the "access-control-allow-origin" header set. So, I understand why my browser is rejecting things. It just seems like Google broke something.
我确实在我们管理的服务器上成功部署了 NodeJSCORS Anywhere"服务器.所以,我可以用它来解决这个问题.但这确实不是解决问题的正确方法.由于以编程方式上传视频并不是我们经常做的事情,因此这种解决方法对我们来说可能就足够了.我很想知道出了什么问题或如何解决.因此,如果有人使用 YouTube API 和 JavaScript 成功上传了视频,我很想听听.希望这将有助于在其他人遇到问题时/在他们遇到问题时对其进行教育.
I did successfully deploy a NodeJS "CORS Anywhere" server on a server we manage. So, I can use that to work around the issue. But that really isn't the correct solution to the problem. Since uploading videos programmatically isn't something we do a ton, this work around will probably be sufficient for us. I would love to understand what went wrong or how to fix. So, if someone is successfully uploading videos with the YouTube API and JavaScript, I would love to hear about it. Hopefully this will help educate others if/when they run into the issue.
推荐答案
我的服务刚刚开始出现同样的问题.
The same problem just started to happen with my services.
这似乎是 googleapis 上的一个错误,或者 youtube.v3.apis 的政策发生了变化并开始阻止一些客户端.
It seems to be a bug on googleapis or maybe youtube.v3.apis had a policy change and started to block some clients.
这篇关于上传到 YouTube API 时缺少“Access-Control-Allow-Origin"的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
