00:00
00:00
Newgrounds Background Image Theme

seanclopedia just joined the crew!

We need you on the team, too.

Support Newgrounds and get tons of perks for just $2.99!

Create a Free Account and then..

Become a Supporter!

Newgrounds.io Help & Support

56,255 Views | 154 Replies
New Topic Respond to this Topic
First
Prev
Page 6 of 6
Next
Last
PsychoGoldfish
Member since: Sep. 26, 2000
Offline.
Staff Level 14 Programmer

Response to Newgrounds.io Help & Support 2025-01-01 21:22:56

At 1/1/25 04:47 PM, jacklehamster wrote:Hi there,

Would it be possible to enable CORS for the https://uploads.ungrounded.net domain?
I think we could use the CloudSave.setData method to save games on Newgrounds, but currently that call is blocked by CORS policy. I think it could work if the "uploads.ungrounded.net' domain was allowlisted.

This is the error I got when trying:

Access to fetch at 'https://newgrounds.io/gateway_v3.php' from origin 'https://uploads.ungrounded.net' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'none'. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.


fetch is very iffy. you are better off using xhr

jacklehamster
Member since: Apr. 11, 2010
Offline.
Supporter Level 06 Game Developer

Response to Newgrounds.io Help & Support 2025-01-02 00:21:37

Do you have an example that works?

Seems using xhr or fetch doesn't make much difference. I think the Access-Control-Allow-Origin needs to be set on the response header from newgrounds.io


At 1/1/25 09:22 PM, PsychoGoldfish wrote:
At 1/1/25 04:47 PM, jacklehamster wrote:Hi there,

Would it be possible to enable CORS for the https://uploads.ungrounded.net domain?
I think we could use the CloudSave.setData method to save games on Newgrounds, but currently that call is blocked by CORS policy. I think it could work if the "uploads.ungrounded.net' domain was allowlisted.

This is the error I got when trying:

Access to fetch at 'https://newgrounds.io/gateway_v3.php' from origin 'https://uploads.ungrounded.net' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'none'. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

fetch is very iffy. you are better off using xhr


jacklehamster
Member since: Apr. 11, 2010
Offline.
Supporter Level 06 Game Developer

Response to Newgrounds.io Help & Support 2025-01-02 01:16:04

Here's a test program: https://www.newgrounds.com/projects/games/6333685/preview


All APIs work except for "CloudSave.setData" because it performs a POST. The JS console shows the CORS errors.

To address that, the fix needs to be on the server. Something like this on the header:


Access-Control-Allow-Origin: https://uploads.ungrounded.net 


At 1/2/25 12:21 AM, jacklehamster wrote:Do you have an example that works?
Seems using xhr or fetch doesn't make much difference. I think the Access-Control-Allow-Origin needs to be set on the response header from newgrounds.io
At 1/1/25 09:22 PM, PsychoGoldfish wrote:
At 1/1/25 04:47 PM, jacklehamster wrote:Hi there,

Would it be possible to enable CORS for the https://uploads.ungrounded.net domain?
I think we could use the CloudSave.setData method to save games on Newgrounds, but currently that call is blocked by CORS policy. I think it could work if the "uploads.ungrounded.net' domain was allowlisted.

This is the error I got when trying:

Access to fetch at 'https://newgrounds.io/gateway_v3.php' from origin 'https://uploads.ungrounded.net' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'none'. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

fetch is very iffy. you are better off using xhr


PsychoGoldfish
Member since: Sep. 26, 2000
Offline.
Staff Level 14 Programmer

Response to Newgrounds.io Help & Support 2025-01-02 01:45:27

At 1/2/25 01:16 AM, jacklehamster wrote:Here's a test program: https://www.newgrounds.com/projects/games/6333685/preview

All APIs work except for "CloudSave.setData" because it performs a POST. The JS console shows the CORS errors.
To address that, the fix needs to be on the server. Something like this on the header:

Access-Control-Allow-Origin: https://uploads.ungrounded.net
At 1/2/25 12:21 AM, jacklehamster wrote:Do you have an example that works?
Seems using xhr or fetch doesn't make much difference. I think the Access-Control-Allow-Origin needs to be set on the response header from newgrounds.io
At 1/1/25 09:22 PM, PsychoGoldfish wrote:
At 1/1/25 04:47 PM, jacklehamster wrote:Hi there,

Would it be possible to enable CORS for the https://uploads.ungrounded.net domain?
I think we could use the CloudSave.setData method to save games on Newgrounds, but currently that call is blocked by CORS policy. I think it could work if the "uploads.ungrounded.net' domain was allowlisted.

This is the error I got when trying:

Access to fetch at 'https://newgrounds.io/gateway_v3.php' from origin 'https://uploads.ungrounded.net' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'none'. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

fetch is very iffy. you are better off using xhr


90% of the time if you get a CORS error in the API, it's probably our server dumping an error page (vs a proper API response) because something was used incorrectly.


I was looking at our error logs and noticed a bunch of cloudsave calls that were not sending a string value, but rather a JSON object. Upon further investigation, I wasn't handling improper data types correct, so instead of getting a helpful API response, you would be getting a generic NG error page, which wouldn't render any CORS headers.


I got that fixed so you're likely seeing proper error responses now. You'll just need to serialize the data you want to save to a string before you post it. You can use whatever string format you want.

jacklehamster
Member since: Apr. 11, 2010
Offline.
Supporter Level 06 Game Developer

Response to Newgrounds.io Help & Support 2025-01-02 02:20:34

Thank you for fixing that! I'm able to use the API to save data now.


At 1/2/25 01:45 AM, PsychoGoldfish wrote:
At 1/2/25 01:16 AM, jacklehamster wrote:Here's a test program: https://www.newgrounds.com/projects/games/6333685/preview

All APIs work except for "CloudSave.setData" because it performs a POST. The JS console shows the CORS errors.
To address that, the fix needs to be on the server. Something like this on the header:

Access-Control-Allow-Origin: https://uploads.ungrounded.net
At 1/2/25 12:21 AM, jacklehamster wrote:Do you have an example that works?
Seems using xhr or fetch doesn't make much difference. I think the Access-Control-Allow-Origin needs to be set on the response header from newgrounds.io
At 1/1/25 09:22 PM, PsychoGoldfish wrote:
At 1/1/25 04:47 PM, jacklehamster wrote:Hi there,

Would it be possible to enable CORS for the https://uploads.ungrounded.net domain?
I think we could use the CloudSave.setData method to save games on Newgrounds, but currently that call is blocked by CORS policy. I think it could work if the "uploads.ungrounded.net' domain was allowlisted.

This is the error I got when trying:

Access to fetch at 'https://newgrounds.io/gateway_v3.php' from origin 'https://uploads.ungrounded.net' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains the invalid value 'none'. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

fetch is very iffy. you are better off using xhr

90% of the time if you get a CORS error in the API, it's probably our server dumping an error page (vs a proper API response) because something was used incorrectly.

I was looking at our error logs and noticed a bunch of cloudsave calls that were not sending a string value, but rather a JSON object. Upon further investigation, I wasn't handling improper data types correct, so instead of getting a helpful API response, you would be getting a generic NG error page, which wouldn't render any CORS headers.

I got that fixed so you're likely seeing proper error responses now. You'll just need to serialize the data you want to save to a string before you post it. You can use whatever string format you want.


Wall Art by
Roverkibb

Main Sections

Extra, Extra!

Community

NG Related

©Copyright 1995-2025 Newgrounds, Inc. All rights reserved. Privacy Policy | Terms of Use