This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Community Hub Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Access-Control-Expose-Headers

jlguenego
Mt. Kenya

‎12-03-2023 08:53 AM

I would like to show to my users that they are using the Strava API with limit (100 request per 15 minutes, etc.)

The Strava API has HTTP response header for that : 

X-Ratelimit-Usage and X-Ratelimit-Limit
 
I would like to use them in the HTTP javascript fetch API. But I need the CORS Setting for that: Access-Control-Expose-Headers
 
Thanks if you can add it. 😊
2 REPLIES 2

donkeyKongan
Mt. Kenya

‎02-06-2024 11:52 AM

okay, I figured this out. Has to be done on the server side. For security the browser respects cors, makes sense to not expose headers. On a server-side request, you can ignore the directive and get to the headers. I created a endpoint on my server to hit the strava api, then pointed my front end js to my own endpoint. same site doesn't have the cors issue but I just passed them along in the payload rather then adding them to my headers. hopefully that makes sense and helps someone.

0 Kudos

donkeyKongan
Mt. Kenya

‎02-05-2024 10:30 AM

I have the same issue/ request. How are we supposed to handle rate limiting as suggested in the CORS setting doesn't allow us the view the header that tells the usage?

0 Kudos
Ready, Get Set, Go!

Welcome to the Community - here is your guide to help you get started!


Know how to use Community


Understand Community Settings

Copyright © 2024 Khoros, LLC