CORS error when getting rates from bittrex

[ng-gist]

Expected Behavior

getPriceSteemAsync, getPriceSBDAsync and getBTCPriceAsync should return rates when the response is resolved.

Actual Behavior

Uncaught Error gets throws because response is not received from bittrex due to CORS Error

Steps to Reproduce

1. Install SteepPlus Version 3.8.2.1 in Chrome.
2. Enable the extension if its not already enabled.
3. Go to busy.org and login.
4. Open Dev toolbar to check Console for errors.

Explanation of Issue

When you try to access an API which has no CORS header, you get a success response 200 but no response data. This is because most browser have same origin policy in place to prevent a malicious api getting called using session information without website intending it to.

Fixing CORS Header

As such, you will not be able to get around this issue from extension directly without bittrex making a change in thr api to include CORS header. This is unlikely to happen so to get around this problem, you can create a node middleware API. This api when called, will make a call to bittrex and once the response it returned, it will pipe the response to extension with CORS header added.

Please note that you can't test CORS issues on localhost as they are ignored on localhost. They only surface once the code is deployed on server.

Browser: Chrome Version 73.0 (Official Build) (64-bit) Operating system: OSX 10.11.6 Version: 3.8.2.1