I’m using ReactJS and Fetch to try and create a download button for users for their files and I’m getting the wonderful CORS issue. I’ve tried everything from Access-Control-Allow-Origin, mode: no-cors, credentials, include, a few proxies… nothing seems to work any advice?
Hey @starshards
Welcome to the community and for sharing the details
You are making the call directly from the front-end client and, as a result, running into the CORs issue. This also leads to security vulnerability issues since you would expose the API token. The API call has to be initiated from a backend.
This means you need a Node.js middleware (could be other runtimes like Java / Python) or a proxy that initiates the API call. This would also protect the API tokens from being exposed.
I’ve also tried a proxy prepend the pipedrive API call, still the same thing
Access to fetch at 'https://us-central1-osc-consulting.cloudfunctions.net/downloadFile' from origin 'http://localhost:3000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
Hi @starshards
Thanks for being patient and for sharing the snippet. Firebase cloud functions should do the job as they initiate the call from the server side. You don’t have to use the X-Requested-With header. What is the error message that you get for the call initiated from the cloud function?
Also, is the file you are downloading in Pipedrive natively or in Google drive? You might have to append direct_download=1 depending on that.