Skip to main content
commvault.com commvault.com
Solved

API Explorer Response: Failed to fetch

  • December 23, 2023
  • 4 replies
  • 122 views
M
Byte
Forum|alt.badge.img+4

I’m new to REST API and the Commvault API Explorer and my first tests fail.

At first I’m creating an authorization token using the Sandbox:

Then I switch to the API Explorer and open the login (using the lock on the right hand side) and paste the token I got before:

I try to get a list of plans using the “Get List of Plans”:

 

I’m getting a response with an unknown response code:

 

 

In the console of Edge are two errors reporting violations of CSP directive:

 

The same happens using Firefox:

 

I was searching the web for this CSP violation, but I could not find a solution.

Is there anything I’m doing wrong? How can I get the API Explorer working?

 

Best answer by Marc St.

I found the solution by myself.

The Content-Security-Policy (CSP) header is a security feature that helps prevent cross-site scripting (XSS) and code injection attacks.

The URL in the browser is pointing to the hostname “CS01” but in the API Explorer (swagger) you can see the Computed URL is “localhost”:
 


For the browser the hostname “cs01” and “localhost” are not the same and therefore CSP is blocking.

The solution is to use localhost in the URL: https://localhost/webconsole/sandbox/apiexplorer/

View original
Did this answer your question?

4 replies

M
Byte
Forum|alt.badge.img+4
  • Marc St.
  • Author
  • Byte
  • 9 replies
  • Answer
  • December 25, 2023

I found the solution by myself.

The Content-Security-Policy (CSP) header is a security feature that helps prevent cross-site scripting (XSS) and code injection attacks.

The URL in the browser is pointing to the hostname “CS01” but in the API Explorer (swagger) you can see the Computed URL is “localhost”:
 


For the browser the hostname “cs01” and “localhost” are not the same and therefore CSP is blocking.

The solution is to use localhost in the URL: https://localhost/webconsole/sandbox/apiexplorer/

N
Vaulter
Forum|alt.badge.img+10

@Marc St. 

Check the Webserver.log. Try using POSTMAN and see if the issue is same.

If Yes then raise a support case.

M
Byte
Forum|alt.badge.img+4
  • Marc St.
  • Author
  • Byte
  • 9 replies
  • December 25, 2023
Navneet Singh wrote:

@Marc St.

Check the Webserver.log. Try using POSTMAN and see if the issue is same.

If Yes then raise a support case.

I have already found the solution and tried to post it, but it was blocked because of any word in there and first has to be check and released by a moderator.

Jennifer Kelley
Vaulter
Forum|alt.badge.img+16

Thanks @Marc St. and @Navneet Singh - that reply got intercepted by the automated spam filter. I’ve restored it and marked it as the “best answer” here. 

Reply


Most helpful members this week

Terms & ConditionsCookie settings

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings