CRUD ROOKIE - network error?

Mitya · March 29, 2021, 3:12pm

Hi guys, first-time poster. I’m working may way through Missions and have a problem with CRUD ROOKIE. I’m getting the below error. What am I doing wrong? I’m running this on a server (not file:///) and have copied my app ID and JavaScript API ID (also tried the REST API key - same result).

backendless2

Thanks in advance

mark-piller · March 29, 2021, 3:17pm

Hi Andy,

Welcome to the community. Is your app hosted in the US or the EU hosting zone?

Is the page you run loaded from localhost?

Regards,
Mark

Mitya · March 29, 2021, 3:19pm

Hi Mark - thanks for the super-speedy reply. It’s EU, and yes I’m running from a local NPM server on 127.0.0.1:8080.

Thanks,
Andy

mark-piller · March 29, 2021, 3:20pm

Hi Andy,

Please make sure to set the endpoint URL pointing the app to the EU hosting zone (do it before you call initApp):

Backendless.serverURL = "https://eu-api.backendless.com"

This is described in the doc, but we’re also making a change where that step for the EU cluster will be optional:
https://backendless.com/docs/js/setup.html

Regards,
Mark

Mitya · March 29, 2021, 3:26pm

Ah good spot! You’re quite right, that is mentioned in the docs. Might be worth highlighting that in the Mission itself, since that’s easy to miss - I literally just opened the docs page to grab the SDK URL, totally missed the zone customisation bit.

Thanks!

Mitya · March 29, 2021, 6:39pm

Mark while I’ve got you, can I ask about API key protection? If I expose my API key to my JavaScript, that’s obviously publicly viewable by pointing a browser to my script URL. How do I prevent others using my API key and thus writing to my app, if I’m writing a web application?

Continued thanks.

mark-piller · March 29, 2021, 6:46pm

Hi Andy,

Neither app ID nor API key is meant to be private/hidden/secure. The security of your application comes from the security policy you configure with permissions and roles assigned to your users. There are several topics in the documentation on this subject:
https://backendless.com/docs/rest/users_user_roles.html
https://backendless.com/docs/rest/users_global_permissions.html
https://backendless.com/docs/rest/users_asset_container_permissions.html
https://backendless.com/docs/rest/data_security.html

Regards,
Mark

Mitya · March 29, 2021, 6:47pm

Thanks, Mark - I’ll go have a read. Appreciate the quick responses.