The API does not work from client-side Javascript because of CORS issues.

A place for developers to advertise their TheTVDB.com enabled app and get help from other developers with the API.
Forum rules
This forum is now read-only. Support for TheTVDB.com is now available at https://support.thetvdb.com/
Locked
la55u

Sun Aug 02, 2020 7:17 am

Code: Select all

const res = await fetch(
        "https://api.thetvdb.com/search/series?name=money%20heist",
        {
          headers: {
            Authorization: `Bearer ${token}`,
          },
        }
      ); 
const data = await res.json();
console.log("data:", data);
The above simple GET request does not work from my React (client side code) because the API doesn't handle the pre-flight OPTIONS request that the browser makes before the actual GET request. However the exact same request works if I make the same request but from my Node backend. This behaviour can't be disabled on our side, only on TVDB's (server) side. There were multiple issues reporting it years ago, so my question is when can we expect a fix for this? I might be wrong but I think a simple Access-Control-Allow-Origin:* response header for the OPTIONS request would solve all the issues. Thank you.
ChristyEzzell
Site Admin
Posts: 1509
Joined: Tue Feb 26, 2019 12:01 pm

Mon Aug 03, 2020 8:50 am

la55u wrote:
Sun Aug 02, 2020 7:17 am

Code: Select all

const res = await fetch(
        "https://api.thetvdb.com/search/series?name=money%20heist",
        {
          headers: {
            Authorization: `Bearer ${token}`,
          },
        }
      ); 
const data = await res.json();
console.log("data:", data);
The above simple GET request does not work from my React (client side code) because the API doesn't handle the pre-flight OPTIONS request that the browser makes before the actual GET request. However the exact same request works if I make the same request but from my Node backend. This behaviour can't be disabled on our side, only on TVDB's (server) side. There were multiple issues reporting it years ago, so my question is when can we expect a fix for this? I might be wrong but I think a simple Access-Control-Allow-Origin:* response header for the OPTIONS request would solve all the issues. Thank you.
Hi,

Our Devs ticketed this issue on the current API and hopefully it'll be resolved soon. We will make sure it is compliant on the new API we are building as well.

Thanks for reporting.
Locked