0
I am trying to make an RSS request from a site but would like to know how I enable Cors without swindling like this in the code. Remembering that I do not have access to the server on which I want to perform the request.
<head>
<script>
function myFunction() {
const RSS_URL = "site que quero realizar a requisição";
const proxyurl = "https://cors-anywhere.herokuapp.com/";//Burlando a validação do cors
fetch(proxyurl + RSS_URL)
.then(response => response.text())
.then(str => new window.DOMParser().parseFromString(str, "text/xml"))
.then(data => {
console.log(data);
const items = data.querySelectorAll("item");
let html =`
<div class="container">
<h1>that's it</h1>
</div>
`;
items.forEach(el => {
html +=`
<div class="container">
<article>
<h2 class="textStyle">
<a href="${el.querySelector("link").innerHTML}" target="_blank" rel="noopener">
${el.querySelector("title").innerHTML}
</a>
</h2>
</article>
</div>
`;
});
document.body.insertAdjacentHTML("beforeend", html);
});
}
</script>
</head>
I would like to know the right way to accomplish this. I’m a beginner in Javascript.
Related: What is the meaning of CORS?
– Icaro Martins
add the CORS return
– cpll
in addition to setting crossorigin as Anonymous, you will still be subject to server settings that will host your page, and the host that you want to take... are settings that help a lot to protect your users from attacks like XSS... , recommend that you implement on the server side a local RSS cache to avoid security bluffs... or even if the external server not accepted... makes your site "possible to work"
– anon
according to the server configuration, your client will receive via HTTP headers, the properties that define whether or not this behavior of the page will be allowed
– anon