-
Bug
-
Resolution: Fixed
-
Important
-
None
-
852324
How to reproduce
- Open the browser console (F12 or Ctrl+Shift+J)
- Run the following JavaScript code
fetch('https://launchermeta.mojang.com/v1/packages/a6ffa27a7b350c6fde9e65e417e9d995c40956c7/1.19.json').then(r => r.json()).then(console.log)
→ Notice that the contents of the response are printed to the console
→ Since 2022-07-07 this existing domain also has a restrictive CORS policy - Run the following JavaScript code
fetch('https://piston-meta.mojang.com/v1/packages/a6ffa27a7b350c6fde9e65e417e9d995c40956c7/1.19.json').then(r => r.json()).then(console.log)
→ Notice that an error is shown in the console explaining that the request was blocked by CORS policy
Expected behavior
I expected that the URLs would simply change from launchermeta.mojang.com to piston-meta.mojang.com, but remain functionally the same, this includes the CORS headers.
Note that it's not as simple as keeping using launchermeta, since the resources there link to piston-meta, thus breaking existing infrastructure relying on these APIs.
Affected open source projects
This is a seriously harmful breaking change, affecting several open source tools and resources.
- InventivetalentDev/mcasset.cloud - Website to browse through the vanilla assets
- jacobsjo/minecraft-jigsaw-preview - Jigsaw preview tool
- TechMCDocs/TechMCDocs.github.io - Technical Minecraft documentation website
- misode/report - Shows remapped stacktraces of crash reports
- MiniDigger/MiniMappingViewer - Mapping viewer website