Freesound Forums

Feature Request - Access Control Allow Origin

Subscribe

Started May 8th, 2013 · 5 replies · Latest reply by frederic.font 11 years, 7 months ago

B
bigbadotis

0 sounds

5 posts

11 years, 7 months ago
#1

Hello freesound developers,

First, thanks for such a valuable resource! I have a web-based live coding environment ( http://www.charlie-roberts.com/gibber ) and I'd like people to be able to read in freesound samples using XMLHttpRequests. This thread in Google Groups from last year discusses the issue:

https://groups.google.com/forum/?fromgroups=#!topic/freesound-api/JL2lNzP6mKM

Has any progress been made on this? Right now I'm getting some errors when I try to load sounds via xhr...

Thanks for any info!!! - Charlie

frederic.font

746 sounds

473 posts

11 years, 7 months ago
#2

Hello Charlie,

We've done some tests and it seems that both preview files and served sounds have the correct headers. As an example:

-> for previews:
curl -v -O "http://www.freesound.org/data/previews/106/106018_1799321-lq.ogg"

< HTTP/1.1 200 OK
< Server: nginx/1.0.15
< Date: Wed, 08 May 2013 10:51:51 GMT
< Content-Type: audio/ogg
< Content-Length: 134314
< Last-Modified: Fri, 20 May 2011 22:41:48 GMT
< Connection: keep-alive
< Access-Control-Allow-Origin: *
< Accept-Ranges: bytes

-> when serving original files
curl -v -O "http://freesound.org/api/sounds/106018/serve/?api_key=XXX"

< HTTP/1.1 200 OK
< Server: nginx/1.0.15
< Date: Wed, 08 May 2013 10:51:10 GMT
< Content-Type: application/octet-stream
< Content-Length: 1278052
< Last-Modified: Fri, 20 May 2011 22:41:46 GMT
< Connection: keep-alive
< Content-Disposition: attachment; filename="106018__christoff45__purring-cat.wav"
< Access-Control-Allow-Origin: *
< Accept-Ranges: bytes

So this should work in your application right?
Maybe you can share with us some code for testing it.

frederic
the freesound team
B
bigbadotis

0 sounds

5 posts

11 years, 7 months ago
#3

Great! Thanks for the quick response. Let me play around with the API a little more and see if I can figure out what I'm doing wrong before I bug you with code.

Thanks again - Charlie

B
bigbadotis

0 sounds

5 posts

11 years, 7 months ago
#4

Got it working, thanks!

One question, should I be worried about the security of the api key? I will try to obscure it but seeing as how I'm creating a web application I have a feeling there is only so much I'll be able to do.

Thanks again! - Charlie

frederic.font

746 sounds

473 posts

11 years, 7 months ago
#5

Hi again Charlie,

for the moment as you say there is not much you can do to obscure the key. We reserve the right to cancel an api key if the usage does not follow the terms of use for the api (http://www.freesound.org/help/tos_api/), but this should not happen and in any case we log the api activity and could identify requests not comming from your domain.

frederic
the freesound team
Post reply