i trying use lastfm api. have started basic template wanted connect lastfm api , authenticate myself. have button on html page -
<button id="auth">authenticate</button> here's jquery function handle click event -
$(document).ready(function() { $("#auth").click(function() { console.log("authenticate called"); var myurl = "http://www.last.fm/api/auth/?api_key=32*************8a*****2"; /*$.get(url,function(data) { alert("data"); });*/ $.ajax({ // 'type' property sets http method. // value of 'put' or 'delete' trigger preflight request. type: 'get', // url make request to. url: myurl, xhrfields: { withcredentials: false }, crossdomain : true, headers: { // set custom headers here. }, success: function(data) { // here's handle successful response. }, error: function(data) { console.log(data); }); }); }); i running on localhost. can see ajax request, supports cors. can see cors header attributes being added request headers. server needs respond cors headers access-control-allow-origin. response not contain such headers.
but lastfm api supports cors, shouldn't sending these attributes in response headers? also, how can make use of cors authenticate application?
p.s - know can use jsonp, want know if there way can handle using cors?
thanks @potatopeelings, got answer. need not call authentication url, redirect seperate page ask me authorize application use lastfm account. provided callback url redirect application after have given authorization. final url -
myurl = "http://www.last.fm/api/auth/?api_key=xxx&cb=http://localhost:63342" and removed ajax call following -
window.location.replace(myurl); 