I am trying to download the latest release of a specific private repository. I am able to gather information by using this GET request:
const token = "{Very secret token not for StackOverflow}";
const owner = {company};
const response = await fetch(
`https://api.github.com/repos/${owner}/${repo}/releases/latest`,
{
//mode: 'no-cors',
headers: {
Authorization: 'Bearer ' + token,
},
}
);
const log = await response.json();
console.log(log);
}
This call returns some data, including the ‘zipball_url’ property, where i think my download comes from. However, if i try to make a request to this URL (including my token), i am getting a nasty CORS error:
Access to fetch at 'https://codeload.github.com/{company}/{reponame}/legacy.zip/refs/tags/1.1.7?token={secret token}' (redirected from 'https://api.github.com/repos/{company}/{reponame}/zipball/1.1.7') from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
The Github API Docs are not helping me very much. Can someone explain me how to fix this?