Question: Paro, what is that question referring to? Cool, well you got past the problem, that’s all that matters :slightly_smiling_face:

Asked By
yashdalfthegray
Asked At
2017-08-22 15:03:55

Found 15 possible answers.

User Answered At Possible Answer
paroxp 2017-08-22 15:16:50 yashdalfthegray: Sorry not really a question. It's javascript so it doesn't _really_ need to be served. It could be loaded and is executed by the browser :)
harasho 2017-08-22 15:21:29 How would that get around the limitation of the medium sdk? Ohhhh does the go sdk permit reads, and the JS one doesn't?
paroxp 2017-08-22 15:22:03 idk though, i'd hope that's the case. Hope they don't allow JS client having a secret key loaded... I'm now well confused.
harasho 2017-08-22 15:24:04 I'd assume a js sdk would be more backend focused But idk
paroxp 2017-08-22 15:24:41 same, but lamb is using it in react - which then is a frontend framework, right?
harasho 2017-08-22 15:24:47 Yeah It's probably a "that's on you" thing
yashdalfthegray 2017-08-22 15:25:35 Actually, any kind of involved javascript will need to be served at this point because otherwise Chrome won’t load it and fail with CSP error
paroxp 2017-08-22 15:25:40 also. lamb is hitting the CORS. Would he hit them from a backend service - node/go/ruby
harasho 2017-08-22 15:25:54 Ahhhh no I don't think he would That makes a ton of sense now I missed where it was specified CORS
paroxp 2017-08-22 15:26:52 :) - holy shit. I might actually know what I'm talking about...
harasho 2017-08-22 15:27:11 Also we are kinda talking about an API not a sdk Not saying a sdk can't connect via an API
paroxp 2017-08-22 15:27:25 there was a mix of both
yashdalfthegray 2017-08-22 15:29:37 I should go back and fully read the problem statement
paroxp 2017-08-22 15:30:29 I imagine I should too
yashdalfthegray 2017-08-22 15:33:12 Right, okay. So the webapp should be served because if it’s loaded from a file, it won’t go and fetch any of the other resources or assets that the javascript tells it to Or actually, it could also be a method that the server isn’t expecting. All of these things come back in a preflight request response pair that is most likely an OPTIONS calls As for the CORS stuff, it could be failing for a few reasons, either the server isn’t sending the right CORS headers to allow calls to Medium’s API or there is a header that is being sent from the client that the server isn’t okay with receiving which is also controlled by CORS

Related Questions