ThinhDinh:
Likely a CORS issue.
Found this nice test tool for CORS. Does it seem reliable?
Hola de nuevo!
If your problem is caused by a CORS issue, you could avoid it using a CORS proxy like this (what Thinh wrote above):
Saludos!
1 Like
Yeah, when a link that can be fetched by accessing it in the browser but doesn’t return anything in Glide, I think CORS is the most likely cause.
gvalero:
using a CORS proxy
Aren’t these proxies super vulnerable?
If that is a big concern for you, then the creator (Rob) did write about hosting your own version and having security limits for it.
2 Likes
opened 12:26PM - 12 Dec 20 UTC
The demo server of CORS Anywhere (cors-anywhere.herokuapp.com) is meant to be a … demo of this project. But abuse has become so common that the platform where the demo is hosted (Heroku) has asked me to shut down the server, despite efforts to counter the abuse (rate limits in #45 and #164, and blocking other forms of requests). Downtime becomes increasingly frequent (e.g. recently #300, #299, #295, #294, #287) due to abuse and its popularity.
To counter this, I will make the following changes:
1. The rate limit will decrease from 200 (#164) per hour to 50 per hour.
2. By January 31st, 2021, cors-anywhere.herokuapp.com will stop serving as an open proxy.
3. From February 1st. 2021, cors-anywhere.herokuapp.com will only serve requests after the visitor has completed a challenge: The user (developer) must visit a page at cors-anywhere.herokuapp.com to temporarily unlock the demo for their browser. This allows developers to try out the functionality, to help with deciding on self-hosting or looking for alternatives.
### What should current users of CORS Anywhere do in response to this announcement?
If possible, try to avoid the need for a proxy at all. CORS Anywhere works by combining proxy functionality with [CORS](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS). You may not need proxy functionality, if the web service that you are trying to access already supports CORS. This is the preferred solution because it is faster and more reliable. For development, you can also consider the use of browser extensions that automatically enables CORS for certain websites.
If your use of CORS Anywhere is infrequent, then the exception from step 3 above will allow you to continue as before. The only difference is that you need to explicitly opt in before access is temporarily allowed. If you'd like to not have these restrictions, then you should self-host CORS Anywhere.
For an example of self-hosting, see https://github.com/Rob--W/cors-anywhere#demo-server . There are also many questions and answers about hosting on the issue tracker here (https://github.com/Rob--W/cors-anywhere/issues). If you have questions, please search for existing issues first before opening a new issue.
Here’s a straightforward how-to to deploy your own version on Heroku.
Thanks. this is great. However, this is still relaying information to a 3rd party, Heroku. Any ideas of a safer workaround for somewhat sensitive data?
No, I don’t have any other ideas.
