Forums

    5 posts

  • avatar
    0 sounds
    3 posts
    Feature Request - Access Control Allow Origin


    Hello freesound developers,

    First, thanks for such a valuable resource! I have a web-based live coding environment ( http://www.charlie-roberts.com/gibber ) and I'd like people to be able to read in freesound samples using XMLHttpRequests. This thread in Google Groups from last year discusses the issue:

    https://groups.google.com/forum/?fromgroups=#!topic/freesound-api/JL2lNzP6mKM

    Has any progress been made on this? Right now I'm getting some errors when I try to load sounds via xhr...

    Thanks for any info!!! - Charlie

  • avatar
    19 sounds
    34 posts


    Hello Charlie,

    We've done some tests and it seems that both preview files and served sounds have the correct headers. As an example:

    -> for previews:
    curl -v -O "http://www.freesound.org/data/previews/106/106018_1799321-lq.ogg"

    < HTTP/1.1 200 OK
    < Server: nginx/1.0.15
    < Date: Wed, 08 May 2013 10:51:51 GMT
    < Content-Type: audio/ogg
    < Content-Length: 134314
    < Last-Modified: Fri, 20 May 2011 22:41:48 GMT
    < Connection: keep-alive
    < Access-Control-Allow-Origin: *
    < Accept-Ranges: bytes

    -> when serving original files
    curl -v -O "http://freesound.org/api/sounds/106018/serve/?api_key=XXX"

    < HTTP/1.1 200 OK
    < Server: nginx/1.0.15
    < Date: Wed, 08 May 2013 10:51:10 GMT
    < Content-Type: application/octet-stream
    < Content-Length: 1278052
    < Last-Modified: Fri, 20 May 2011 22:41:46 GMT
    < Connection: keep-alive
    < Content-Disposition: attachment; filename="106018__christoff45__purring-cat.wav"
    < Access-Control-Allow-Origin: *
    < Accept-Ranges: bytes

    So this should work in your application right?
    Maybe you can share with us some code for testing it.

    frederic
    the freesound team
  • avatar
    0 sounds
    3 posts


    Great! Thanks for the quick response. Let me play around with the API a little more and see if I can figure out what I'm doing wrong before I bug you with code.

    Thanks again - Charlie

  • avatar
    0 sounds
    3 posts


    Got it working, thanks!

    One question, should I be worried about the security of the api key? I will try to obscure it but seeing as how I'm creating a web application I have a feeling there is only so much I'll be able to do.

    Thanks again! - Charlie

  • avatar
    19 sounds
    34 posts


    Hi again Charlie,

    for the moment as you say there is not much you can do to obscure the key. We reserve the right to cancel an api key if the usage does not follow the terms of use for the api (http://www.freesound.org/help/tos_api/), but this should not happen and in any case we log the api activity and could identify requests not comming from your domain.

    frederic
    the freesound team

    5 posts