I am using google place api for places sugestions.
https://maps.googleapis.com/maps/api/place/textsearch/json?query=ari&sensor=false&key=your_api_key
I have valid api key and this URL is working fine when I am executing it from the browser.
The api return "OK" as status and places suggestion but when I am executing the same URL by cUrl or file_get_contents It returns "REQUEST_DENIED" as status and hence no place suggestions.
why this is behaving like this.
Is there any setting which I am missing.
Any suggestion would be a great help.
Thanks
Did you ever get your answer to this? As far as I am aware this is die to "cross-site-scripting" security limits. You can't go from the Places API directly to Google even though you can in a browsers address bar. You have to make the call back to your sever and have the server send the call to Google - then return those results back to your page/ web site.
Related
I have been trying this for quite some time and with no avail. Would someone point me to the right direction.
I have a simple suitelet
the suitelet dumps a html in the response by reading a file
The html has a button. On ajax call of that button, a restlet gets called and a request is sent.
This is working great with Login and internal calls. However, I want the suitelet to be available without login and also the restlet.
When I do that, I get CORS error and using jsonp when I relsolve that, I get 401 Unauthorized
Tried Outh and NLAuth, no avail.
Will really appreciate any help or pointers.
If the info isn't sensitive you can call the suitelet from the domain of your website. If you have enabled https on the site then that'll just work
e.g. https://forms.na3.netsuite.com/app/site... becomes http://example.com/app/site...
If you are using SCA then you can also just do this by calling a .ss service function. The nice thing about that is that you can set the role on the .ss file and have better control of your resources without just making the customer center role capable of seeing everything. Same issue with https though.
If the info is sensitive you can get around the issue on most browsers by embedding an iframe at the https:// forms etc and using the onMessage operation to transfer info from the non-secure to the secure. (see https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage)
It's certainly possible to call a RESTlet from a Suitelet but it sounds like your issue is more how to call the Suitelet securely.
I am newbie Parse and I have a problem. I want to use parse classes for dynamic content such as blog posts. Everyting works as expected there is no problem ; but when I try to fetch as google in Google Webmaster Tools it says AJAX blocked. So google will not index this content anyway.
when I follow the link I saw this below.
this is what I see when follow class link
So google crawler try to get ajax content but it comes to it with a ConnectionFailed aka 100 error. (I tested it to show in a label on page what returns in parse query error callback. So I see what renders google)
Am I doing something wrong is this an expected behaviour ?
Anyone knows how to solve this ?
Btw: I am hosting this website on heroku with custom domain over https (with cloudflare dns redirected and free ssl)
I also deployed to Parse Cloud Hosting unfortunately the result is same :(
This is the full result of the Fetch as Google :
full page result of fetch as google
The page at https://api.parse.com/1/classes/GameScore is asking for authentication, and it's throwing a 401 Unauthorized status code for unauthorised requests. That's already a problem.
Besides that, the page at https://api.parse.com/robots.txt is currently showing
User-Agent: *
Disallow: /
Googlebot can't access that page because it's disallowed for crawling in the first place, but even if it could access it, it would run into an authentication gate which it wouldn't be able to pass.
If the content from that URL (https://api.parse.com/1/classes/GameScore) is essential for the page where its referenced/used, you would have to work with Parse to allow crawlers access those URLs.
If it's not essential, then you can safely ignore that warning.
Our API requests have started failing with the error "Request header field yammer-capabilities is not allowed by Access-Control-Allow-Headers".
Before the weekend, everything was working correctly.
Anyone else seeing this?
Same problem here, but it is not the first time, and I think we shouldn't change anything: Yammer's API is slowly beginning to be migrated to Office365's API, maybe this is why there is so much errors in this API... (hope so!)
If you want to see what they're working on :
https://about.yammer.com/success/engage/grow-your-network/release-schedule
Btw, did you try to post this issue on yammer Developer Network ? This can really help, they are using there own social network to communicate ;)
After hours of searching and trying every possible solution found on the web, I cannot try anything else for my problem, so I really need help:
I want to implement a simple autocomplete text box with geocode results, so I call AJAX requests while the user types in the text box
I have enabled Google Maps and Google Places from the Google APIs Console
I have created a Key for server apps with my server's IP
I have a PHP file (called through AJAX) running on the server which sends the request to Google Places using file_get_contents() function (SSL is enabled) - also tried with cURL function
The request I'm asking for is
https://maps.googleapis.com/maps/api/place/autocomplete/json?input=MY_SEARCH_STRING&language=us&types=geocode&sensor=false&key=MY_KEY
where MY_SEARCH_STRING is a simple string like "London" and MY_KEY the Key I have created
what I get as a response is
{ "predictions" : [], "status" : "REQUEST_DENIED" }
I have also tried this with a browser key. Also tried to create a new project, enable Services all over again, and create new Key. Switched services on/off & creating new key many times in any combination. Nothing worked.
The strange thing is that the same code was working the last months in a landing page I had created on the server, but had a long time to check it, so I do not know when it stopped working.
I appreciate a lot any help!! Thank you.
SOLVED. In Google API Console, I had declared allowed server IPs. I was assuming that if I declared an IP, I was just ensuring that requests would be allowed only from that IP. In order for this to work, you must also declare the allowed per-user limits for each IP, or else it just doesn't allow any requests. I removed all the allowed IPs, waited for 3-4 minutes, and the request was allowed.
Not sure if this helps, but here is a short example:
https://google-developers.appspot.com/maps/documentation/javascript/examples/places-autocomplete?hl=el
I've had a similar issue, fixed it and discovered a few things that may be useful in troubleshooting this
using http instead of https will result in REQUEST_DENIED
omitting &userIp=x.x.x.x will result in REQUEST_DENIED
a server key needs to be generated and used in case the request is from a php script even if ONLY consumed via browser by users or it will result in REQUEST_DENIED
a few minutes are necessary before testing if the list of IPs allowed has been changed
Hope it helps some of you guys
I am trying to implement Google Check out (GCO) on a new server, the process seemed to work fine on the old server.
The error from GCO integration console is the timeout error you might expect if there is load on the server and/or the response takes longer than 3 seconds to respond.
To perform a test (not integrating with my database), I have set some code to send an email to me instead. If I hit the https url manually, I get the email and I can see an output to the screen. If I then leave it as that, Google still returns the Timeout error and I don't get an email. So I have doubts as to whether google is even able to hit the https url.
I did temporarily attempt to use the unsecure url for testing and indeed I received the email, however this solution isn't the route we've developed for, so the problem is something to do with the secure url specifically.
I have looked into the certificate which is a UTN-USERFirst-Hardware which is listed as accepted on http://checkout.google.com/support/sell/bin/answer.py?answer=57856 . I have also tried to temporarily disable the firewall with no joy. Does anyone have any sugestions?
Good to hear you figured out the problem.
I'm adding the links below to add a litle more context for future readers about how Google Checkout uses HTTP Basic Authentication:
http://code.google.com/apis/checkout/developer/Google_Checkout_XML_API.html#urls_for_posting
http://code.google.com/apis/checkout/developer/Google_Checkout_XML_API.html#https_auth_scheme
http://code.google.com/apis/checkout/developer/Google_Checkout_HTML_API_Notification_API.html#Receiving_and_Processing_Notifications