0
Not a bug

Shabbat times REST API response missing a header

Roi Dayan 9 years ago updated by israel wissotzky 2 years ago 6
The json api response is missing a header in the response to allow access by origin.

example request showing the problem:

XMLHttpRequest cannot load http://www.hebcal.com/shabbat?cfg=json&geo=pos&latitude=31&longitude=35&m=50&tzid=Asia%2FJerusalem. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://127.0.0.1:8000' is therefore not allowed access.

the jewish calendar api is ok.

Answer

+1
Answer

Hi, thanks for using Hebcal.


As of August 2020, the trailing slash after "converter" or after "shabbat" is now optional.

All of the following will work correctly with the CORS header without triggering a 301 redirect

https://www.hebcal.com/shabbat?cfg=json

https://www.hebcal.com/shabbat/?cfg=json

https://www.hebcal.com/converter?cfg=json

https://www.hebcal.com/converter/?cfg=json


http://www.hebcal.com/shabbat?cfg=json

http://www.hebcal.com/shabbat/?cfg=json

http://www.hebcal.com/converter?cfg=json

http://www.hebcal.com/converter/?cfg=json

The Hebcal website generally requires https for most pages but still allows http for any URL with cfg=json.

+1
Hi,

I looked again in how I do the request and found why I couldn't get the cors header.
I used this url: http://www.hebcal.com/shabbat?....

The http response is 301 which doesn't include the cors header and includes a location header to use this url:
http://www.hebcal.com/shabbat/?....

This url works. notice the ending forward slash. I use angular js and it seems the forward slash was stripped. I forced it and now its ok.

Thanks,
Roi



Under review
Hi, thanks for your message.

Unfortunately, we are having trouble reproducing the problem you reported.

We see the header correctly appearing in the output:

$ curl -o /dev/null -v 'http://www.hebcal.com/shabbat/?cfg=json&geo=pos&latitude=31&longitude=35&m=50&tzid=Asia%2FJerusalem'
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0*   Trying 104.131.247.13...
* Connected to www.hebcal.com (104.131.247.13) port 80 (#0)
> GET /shabbat/?cfg=json&geo=pos&latitude=31&longitude=35&m=50&tzid=Asia%2FJerusalem HTTP/1.1
> Host: www.hebcal.com
> User-Agent: curl/7.43.0
> Accept: */*
> 
< HTTP/1.1 200 OK
< Date: Sun, 23 Aug 2015 04:17:31 GMT
< Server: Apache/2.4.7 (Ubuntu)
< Expires: Sat, 29 Aug 2015 05:00:01 GMT
< Access-Control-Allow-Origin: *
< Content-Type: application/json; charset=UTF-8
< X-Varnish: 126760154 126977920
< Age: 20
< Via: 1.1 varnish-v4
< Content-Length: 1057
< Connection: keep-alive
< Accept-Ranges: bytes
< 
{ [1057 bytes data]
100  1057  100  1057    0     0   5352      0 --:--:-- --:--:-- --:--:--  5365
* Connection #0 to host www.hebcal.com left intact
$

יש לי את אותו בעייה 

בקישור המראה  

https://www.hebcal.com/converter/?cfg=json&hy=5782&hm=Kislev&hd=21&h2g=1 

כאן אני עושה את התהליך  

https://crm.thekotel.org/ 

+1
Answer

Hi, thanks for using Hebcal.


As of August 2020, the trailing slash after "converter" or after "shabbat" is now optional.

All of the following will work correctly with the CORS header without triggering a 301 redirect

https://www.hebcal.com/shabbat?cfg=json

https://www.hebcal.com/shabbat/?cfg=json

https://www.hebcal.com/converter?cfg=json

https://www.hebcal.com/converter/?cfg=json


http://www.hebcal.com/shabbat?cfg=json

http://www.hebcal.com/shabbat/?cfg=json

http://www.hebcal.com/converter?cfg=json

http://www.hebcal.com/converter/?cfg=json

The Hebcal website generally requires https for most pages but still allows http for any URL with cfg=json.

תודה רבה על המענה המהיר 

הוספתי WWW ונראה שהעניין סודר 

ישר כוח