Verified
Status Update
No update yet.
Comments
gr...@google.com
gr...@google.com
I'm sorry screenshot names are all messed up, here is more explanation:
- Thu Jul 07 2022 16:50:00 GMT-0700 (Pacific Daylight Time).png
error caused by not finding jdk properly (first error)
- Thu Jul 07 2022 17:02:33 GMT-0700 (Pacific Daylight Time).png
error shown when i visit a JVM test
- Thu Jul 07 2022 17:03:18 GMT-0700 (Pacific Daylight Time).png
studio jdk config UI
- Thu Jul 07 2022 17:04:51 GMT-0700 (Pacific Daylight Time).png
result after workaround 2 where studio doesn't detect that ArrayMap extends Map
wh...@gmail.com
This looks very similar to
da...@gmail.com
Incredible they haven't fix it yet!
wo...@gmail.com
same problem here
ib...@gmail.com
Same problem here.
Is that a bug or is a change? Has it been notified someway?
Is that a bug or is a change? Has it been notified someway?
ed...@gmail.com
Our service had the same problem.
I want you to tell me how to fix it or what to do.
I want you to tell me how to fix it or what to do.
fi...@gmail.com
any news?
je...@noaa.gov
The Youtube API examples use the same implementation here that is failing at the moment. https://github.com/youtube/api-samples/blob/master/javascript/cors_upload.js So anyone that utilized this example for their implementation is likely having this same problem. Kind of surprised this hasn't been resolved already.
gr...@google.com
This will be fixed within the day.
je...@noaa.gov
Awesome! Thanks for the update!
gr...@google.com
Just an update. The new ETA will be tomorrow morning PST.
ta...@gallaudet.edu
So...any updates yet??
ko...@rabotrummel.de
same here. Still waiting for the fix.
hi...@gmail.com
We have quite a few customers that are affected by this and they will push us to use another solution soon if we can't get this resolved quickly. If this is actually going to take a while to fix please let us know.
je...@gmail.com
Good to see the community confirming this issue. When I first started investigating, I thought certainly I must have broken something as it had been rock solid for a long time!
I did manage to create a proxy server which gets around the problem. However, I haven't rolled that solution out live yet as the indications were a fix was imminent. If the fix is days or weeks away it would be great to know and I'll just go with the proxy until then.
I did manage to create a proxy server which gets around the problem. However, I haven't rolled that solution out live yet as the indications were a fix was imminent. If the fix is days or weeks away it would be great to know and I'll just go with the proxy until then.
si...@cprinting.com
Thanks for reporting this issue! After spinning our wheels on this for nearly a day I’m glad to see this isn’t our issue to fix! We thought for sure we had broken this as well since we had just run some updates on the site the issue first showed up on. We then discovered it was broken on all our sites. Currently we have about a dozen sites affected by this and will need to implement a work-around if it’s not going to be fixed soon.
[Deleted User] <[Deleted User]>
Any updates on the ETA ? I have been tracking this thread since the day the issue was reported. We have a similar problem and are waiting for the fix to be deployed.
hi...@gmail.com
I thinking this may have gotten 'broken' for a security reason and now they have to figure out how to 'fix' it without creating the security problem again. But I am just guessing. But this makes me worry it has to have some security review and it might be much harder to fix that just undoing what broke it.
gr...@google.com
I'd like to thank everyone for your patience on this isseu.
The fix has just been rolled out.
ta...@gmail.com
It still doesn't work for me here. Can anyone confirm if they got theirs working?
da...@bsc.es
For me it works
ed...@gmail.com
I am still getting cors error
What should I change if I have something to fix?
What should I change if I have something to fix?
si...@cprinting.com
This seems to be working on all of our sites. Thanks!
hi...@gmail.com
Works for us! Thanks for you your good work on this. We appreciate it!
ib...@gmail.com
Working again. Many thanks.
ed...@gmail.com
It Works. Thanks.
je...@gmail.com
I'm the one who opened the bug and I too can confirm the changes addressed the problem we were seeing.
Thanks to all who confirmed the issue and to Google for correcting it!
Thanks to all who confirmed the issue and to Google for correcting it!
ni...@gmail.com
I still got this issue:
has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
My site is:https://youtube-web-app.netlify.app/
Could anyone give me a hand with this?
has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
My site is:
Could anyone give me a hand with this?
je...@noaa.gov
While uploading videos does indeed work, i would appear that this same issue is occurring with https://www.googleapis.com/upload/youtube/v3/thumbnails/set
We are no longer able to change a thumbnail once a video has been uploaded as get the same CORS error specified in the original post. Should this be another ticket?
We are no longer able to change a thumbnail once a video has been uploaded as get the same CORS error specified in the original post. Should this be another ticket?
or...@gmail.com
je...@noaa.gov
I still get this as well when setting thumbnails. My code was taken directly from this cors_upload.js example as well.
gu...@gmail.com
please still have this problem, Access to XMLHttpRequest at '
ga...@gmail.com
Hi,
I am still getting CORS error.
has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
I am still getting CORS error.
has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
ch...@gmail.com
Still having this problem despite the "fix" they've rolled out. It's been almost 2 months since the issue was created, any expectation on when we'll see this issue be resolved?
gr...@google.com
This issue has already been fixed. As you see, on the comments above a lot of them confirmed that it has been fixed for them.
Although I understand that it still doesn't work for some. But that means they need to find a way on how we could exactly replicate this.
ch...@gmail.com
Okay, let me try to replicate the issue.
- Description
I'm building a site that allows the user to share the Youtube videos that they've uploaded so that they can create libraries of content that they've uploaded to Youtube, onto the site that I'm building. When they want to share their video, I call the Youtube API to get the length of the video so that they dont have to fill in an additional input(length of video).
Things were also working fine until a couple of weeks ago, when I suddenly had CORS issues after the user pastes the Youtube link of the video into the form.(I call the Youtube API the instant they key in the link of the video)
Access to XMLHttpRequest at 'https://www.googleapis.com/youtube/v3/videos?part=contentDetails&id=G8uL0lFFoN0&key=MY_KEY ' from origin '(MY_LOCAL_SITE)' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Request URL:https://www.googleapis.com/youtube/v3/videos?part=contentDetails&id=G8uL0lFFoN0&key=MY_KEY '
Request Method: GET
- API request with parameters used (DO NOT include your credential)
See above.
- Result (copy and paste a JSON response you received)
Not getting a response since it is blocked by CORS.
- Expected result
No.
- Is it 100% reproducible?
Yes.
Hope that I can get a response ASAP, and let me know if you require more details
- Description
I'm building a site that allows the user to share the Youtube videos that they've uploaded so that they can create libraries of content that they've uploaded to Youtube, onto the site that I'm building. When they want to share their video, I call the Youtube API to get the length of the video so that they dont have to fill in an additional input(length of video).
Things were also working fine until a couple of weeks ago, when I suddenly had CORS issues after the user pastes the Youtube link of the video into the form.(I call the Youtube API the instant they key in the link of the video)
Access to XMLHttpRequest at '
Request URL:
Request Method: GET
- API request with parameters used (DO NOT include your credential)
See above.
- Result (copy and paste a JSON response you received)
Not getting a response since it is blocked by CORS.
- Expected result
No.
- Is it 100% reproducible?
Yes.
Hope that I can get a response ASAP, and let me know if you require more details
gr...@google.com
As you can see in this thread, it's the same step that we're using and it currently works at least for majority of the users.
ch...@gmail.com
I dont understand what you mean by "it's the same step that we're using", and yeah it works for some of the users but certainly not all, so the fix you've implemented does not apply to us. The difference between the API that the original poster of this issue and mine is that my query parameters were 'part=contentDetails' while the original poster's was 'part=snippet'. I think you may have fixed it for the latter but certainly not for mine. Please take a look at my description of the issue properly again.
sh...@gmail.com
I have the same problem, i followed the example and got the following error
Access to XMLHttpRequest at 'https://www.googleapis.com/upload/youtube/v3/videos?key=AI5SyC50G4n4iS4MnlM3Vu8VwDZaCNELywh0pa213X5d4?part=snippet%2Cstatus&uploadType=resumable ' from origin 'https://dev.rdieportal.com ' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Access to XMLHttpRequest at '
bo...@gmail.com
Hi,
Youtube api v3 Video upload error but video upload works locally
error:Failed to load resource: the server responded with a status of 500 ()
fe...@gmail.com
hello, in my application I try to get a https://www.googleapis.com/youtube/v3/videos?part=contentDetails,snippet&key= <MyKey>= <KeyVideo> and I'm blocked by Cors, before it worked normally, the problem started a few days ago...
gr...@google.com
For those who are still encountering the issue. Please check if you're passing additional headers to the request which triggers the pre-flight request. If not, please provide a HAR file.
se...@gmail.com
Hi, i having same issue.
Access to XMLHttpRequest at 'https://www.googleapis.com/youtube/v3/playlistItems?playlistId=PL7sEA7G9zsJq4edZ3XTkzla2MTmoYDUwG&key={myKey}&part=snippet,contentDetails,status&maxResults=50' from origin 'https://{myOrigin}' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
pre-flight request info from Chrome dev tools:
General:
Request URL: https://www.googleapis.com/youtube/v3/playlistItems?playlistId=PL7sEA7G9zsJq4edZ3XTkzla2MTmoYDUwG&key={myKey}&part=snippet,contentDetails,status&maxResults=50
Request Method: OPTIONS
Status Code: 403
Remote Address: 172.217.31.138:443
Referrer Policy: no-referrer-when-downgrade
Response headers:
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1754
content-type: text/html; charset=UTF-8
date: Tue, 11 Aug 2020 02:47:47 GMT
server: scaffolding on HTTPServer2
status: 403
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0
Request headers:
:authority: www.googleapis.com
:method: OPTIONS
:path: /youtube/v3/playlistItems?playlistId=PL7sEA7G9zsJq4edZ3XTkzla2MTmoYDUwG&key={myKey}&part=snippet,contentDetails,status&maxResults=50
:scheme: https
accept: */*
accept-encoding: gzip, deflate, br
accept-language: ko-KR,ko;q=0.9,en-US;q=0.8,en;q=0.7
access-control-request-headers: x-token
access-control-request-method: GET
cache-control: no-cache
origin: https://{myOrigin}
pragma: no-cache
referer: https://{myOrigin}/post/create/playlist
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36
Query String params:
playlistId: PL7sEA7G9zsJq4edZ3XTkzla2MTmoYDUwG
key: {myKey}
part: snippet,contentDetails,status
maxResults: 50
ch...@gmail.com
Okay yes, I've solved the issue by checking the headers that I sent when calling the Youtube API. I'm using Axios to call the API and my Axios has been configured to always add on the x-requested-with and x-csrf-token headers for every request. I just had to remove the x-csrf-token header from the Axios instance when I call the Youtube API and I no longer have this bug. For those that are still having this issue, check your requests and make sure that there are no unnecessary Headers that will trigger the pre-flight request as mentioned above. Thanks!
se...@gmail.com
oh thanks,.. set axios headers as null and the problem solved!
bo...@gmail.com
hello do you have an axios headers example with asp.net
j....@recreate.nl
If you are using Javascript you can use :
var csrf = $.ajaxSettings.headers["X-CSRF-TOKEN"];
delete $.ajaxSettings.headers["X-CSRF-TOKEN"];
Sending the youtube request
After sending the request you will set the csrf token again
$.ajaxSettings.headers["X-CSRF-TOKEN"] = csrf;
Hope this will make it all clear.
if...@gmail.com
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://www.googleapis.com/youtube/v3/videos?key=AIzaSyCEHJiq86uyqgndtQEEPtTjqHlGpcjaAn8&part=snippet,contentDetails,statistics,status&id=xYrvjaSJH_M . (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource athttps://www.googleapis.com/youtube/v3/videos?key=AIzaSyCEHJiq86uyqgndtQEEPtTjqHlGpcjaAn8&part=snippet,contentDetails,statistics,status&id=xYrvjaSJH_M . (Reason: CORS request did not succeed).
Hi guys, anyone can help me with this case. Still hitting error after google marked this as Fixed.
This is my request header.
OPTIONS /youtube/v3/videos?key=AIzaSyCEHJiq86uyqgndtQEEPtTjqHlGpcjaAn8&part=snippet,contentDetails,statistics,status&id=xYrvjaSJH_M HTTP/2
Host:www.googleapis.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:78.0) Gecko/20100101 Firefox/78.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: access-control-allow-credentials,access-control-allow-origin,content-type
Referer:http://localhost:4200/
Origin:http://localhost:4200
DNT: 1
Connection: keep-alive
TE: Trailers
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at
Hi guys, anyone can help me with this case. Still hitting error after google marked this as Fixed.
This is my request header.
OPTIONS /youtube/v3/videos?key=AIzaSyCEHJiq86uyqgndtQEEPtTjqHlGpcjaAn8&part=snippet,contentDetails,statistics,status&id=xYrvjaSJH_M HTTP/2
Host:
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:78.0) Gecko/20100101 Firefox/78.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: access-control-allow-credentials,access-control-allow-origin,content-type
Referer:
Origin:
DNT: 1
Connection: keep-alive
TE: Trailers
[Deleted User] <[Deleted User]>
This issue is happened today, upload request not working anymore because browser is blocking request because of CORS. OPTIONS request response seems to have headers properly, but POST response doesn't have any:
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-type: application/json; charset=UTF-8
date: Wed, 28 Sep 2022 17:49:07 GMT
server: UploadServer
vary: Origin
vary: X-Origin
vary: Referer
warning: 214 UploadServer gzipped
x-guploader-response-body-transformations: gzipped
x-guploader-uploadid: ADPycdt-yX_ZLQLX_GQ3NTBfe7DD8IwLU6iUf0GFQgBq7o4CuC3LffNRPsAIujlu072fXE-I9lFqCiqNHOFkRR90rWDFcg
Access to XMLHttpRequest at '
https://www.googleapis.com/upload/youtube/v3/videos?uploadType=resumable&part=snippet,status ' from origin 'https://n-cnlp2vpbr7rdlkzcbdst6aaae247upvkh5awooq-0lu-script.googleusercontent.com ' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Description
- Description
For several years we have successfully been uploading videos via the YouTube API using some custom JavaScript code. The code was based on some samples provided by Google (cors_upload.js). It's not something we use a lot, just every couple of weeks.
Things were working fine a couple weeks ago, but it has come to my attention that things recently stopped working. We login fine, we obtain the channel info fine. But when we start the upload (which happens via XHR POST), we are getting a CORS error:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at
But we haven't changed anything in our code or on our server and it appears as if we are doing all the things necessary as documented by Google to have their service respond with the required CORS headers.
According to the dev console, the XHR request actually generates 2 network requests. First I see an "OPTIONS":
Request URL:
Request Method:OPTIONS
Remote Address:
This actually DOES return the "access-control-allow-origin" header that I expect. However, this is immediately followed by the "POST" request:
Request URL:
Request Method:POST
Remote Address:
And according to the dev console, it does NOT have the "access-control-allow-origin" header set. So, I understand why my browser is rejecting things. It just seems like Google broken something.
- API request with parameters used (DO NOT include your credential)
See above.
- Result (copy and paste a JSON response you received)
Not getting a response since it is blocked by CORS.
- Expected result
No.
- Is it 100% reproducible?
Yes.
- Reproducible API explorer link
I don't think upload can be reproduced in the API explorer.