Weather API Developer's Guide

Cross-Domain JavaScript Requests

Often, browsers prevent access to certain servers due to security restrictions. Cross-Domain Javscript Requests allow developers to work around security restrictions that would prevent an application from contacting HERE Weather API directly. For example, certain location information might not be retrievable without enabling this method. In order to allow full access to servers, the HERE Weather API provides a mechanism to enable client-side cross-origin requests that allow JavaScript resources to be fetched from another domain.

For details on how this mechanism operates, see Cross-Origin Resource Sharing. HERE Weather API uses all headers and parameters of this mechanism.

In order to support browser platforms which do not yet implement Cross-Origin Resource Sharing, GET requests can alternatively be made using JSONP. To use JSONP, your application simply supplies the name of its callback function in the jsoncallback or jsonpCallback query string parameter.

For example, to use JSONP to obtain current weather conditions in Berlin with a callback named myCallbackFunction, you could make a request as shown in the example below:

GET https://weather.cit.api.here.com
/weather/1.0/report.json
?app_id={YOUR_APP_ID}
&app_code={YOUR_APP_CODE}
&product=observation
&name=Berlin-Tegel
&jsoncallback=myCallbackFunction
Note: The JSONP mechanism only works for GET requests. POST requests can only be made using the Cross-Origin Resource Sharing mechanism discussed above.