Destination Weather API Developer's Guide

Cross-Domain JavaScript Requests

Often, browsers prevent access to certain servers due to security restrictions. Cross-Domain Javascript Requests allow developers to work around security restrictions that would prevent an application from contacting HERE Destination Weather API directly. For example, certain location information might not be retrievable without enabling this method. In order to allow full access to servers, the HERE Destination Weather API provides a mechanism to enable client-side cross-origin requests that allow JavaScript resources to be fetched from another domain.

For details on how this mechanism operates, see Cross-Origin Resource Sharing. HERE Destination Weather API uses all headers and parameters of this mechanism.

In order to support browser platforms which do not yet implement Cross-Origin Resource Sharing, GET requests can alternatively be made using JSONP. To use JSONP, your application simply supplies the name of its callback function in the jsoncallback or jsonpCallback query string parameter.

For example, to use JSONP to obtain current weather conditions in Berlin with a callback named myCallbackFunction, you could make a request as shown in the example below:

curl GET https://weather.cc.api.here.com/weather/1.0/report.json
?product=observation
&name=Berlin-Tegel
&jsoncallback=myCallbackFunction
-H "Authorization: Bearer {YOUR_TOKEN}"

Note: This example uses a HERE token to authenticate your request. For the available authentication options, see the Identity & Access Management Developer Guide.

Note: The JSONP mechanism only works for GET requests. POST requests can only be made using the Cross-Origin Resource Sharing mechanism discussed above.