I am trying to use the Bitly V4 URL Shorten API on IE11 via ajax POST, but getting security error after the preflight (OPTIONS) call. My implementation and error encountered as below:
$.ajax({
type: 'POST',
url: 'https://api-ssl.bitly.com/v4/shorten',
data: JSON.stringify({group_guid: '<Bitly_group_guid>', long_url: 'https://www.google.com'}),
dataType: 'json',
contentType: 'application/json',
headers: {
'Authorization': 'Bearer <Bitly_generic_access_token>',
},
}).done(function (resp) {
console.log('OK');
}).fail(function (jqXHR, textStatus, errorThrown) {
console.log('NOT OK');
});
SEC7123: Request header content-type was not present in the Access-Control-Allow-Headers list.
SCRIPT7002: XMLHttpRequest: Network Error 0x80070005, Access is denied.
access-control-allow-headers: *
access-control-allow-methods: HEAD, GET, POST, PUT, PATCH, DELETE
access-control-allow-origin: *
allow: POST, OPTIONS
alt-svc: clear
content-length: 0
content-security-policy: default-src 'none
date: Thu, 28 Nov 2019 03:13:04 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=blockFilter
In the end the POST method doesn't execute at all, the same code however WORKING on Chrome and Mozilla, which the POST method get executed and managed to shorten the URL.
Appreciate if anyone can share insights to overcome this.
After checking the documentation I found this information about browser support for Bitly api.
The Bitly web app supports the latest versions of Chrome, Firefox, Edge, and Safari. We recommend using one of these browsers for full functionality of the web app.
Other browsers are not tested and may not function properly with the Bitly web app.
Reference: