i want to call a custom protocol (which i defined in the Windows registry) with XMLHttpRequest.
var xhr = new XMLHttpRequest();
var url = "testprot://HOST/URL";
xhr.open("GET", url, true);
xhr.send();
I can activate the protocol, if I put the URL in the browser directly. However, the XMLHttpRequest can't handle it. Did I forget something or is it not possible to call custom protocol with XMLHttpRequest?
Thanks in advance!
Related
I am working on a FireFox Extension...
I would look to make a http post to a desired url.
I am looking to do something similar to this post.
HTTP POST in javascript in Firefox Extension
I have also read through Mozilla including... https://developer.mozilla.org/en-US/docs/Learn/HTML/Forms/Sending_forms_through_JavaScript "Using FormData bound to a form element"
The URL(Lambda Function) I am sending this to is not receiving the request. I have not been heavily exposed to javascript. Also, I don't know if there is something I am missing since this is being built as a Firefox Extension.
I have implemented this is my code.
document.addEventListener("submit").addEventListener("click", function(){
var params = "test=test"
var req = new XMLHttpRequest();
req.open('POST', 'https://sdlurjb3zi.execute-api.us-west-2.amazonaws.com/contMang');
req.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
req.send(params);
});
The Project is format as so
chcFolder
manifest.json
tabchc.
--dasForm.css
--dasForm.html
--dasForm.js
Unable to make https XMLHttpRequest requests - getting this back:
Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://localhost:8443' is therefore not allowed access.
If I replace the url with www.google.com, it's fine, but https://www.google.com does the same thing.
It works when I use Postman/JaSON Chrome extensions, so I tried open -a Google\ Chrome --args --disable-web-security, but that didn't work either.
let request = new XMLHttpRequest();
request.open("POST", "https://outlook.office365.com/EWS/Exchange.asmx", true);
request.setRequestHeader("Authorization", "Bearer " + asyncResult.value);
request.setRequestHeader("Content-type", "text/xml; charset=utf-8");
request.setRequestHeader('Access-Control-Allow-Origin', '*');
request.setRequestHeader("Access-Control-Allow-Headers", "Content-type, Origin");
request.setRequestHeader("Access-Control-Allow-Methods", "POST");
request.onload = function() {
};
request.onerror = function() {
debugger;
}
request.send(requestBody);
The "Access-Control-Allow-Origin" header is set server-side for security reasons.
If you had access to the server you could just do:
header("Access-Control-Allow-Origin: *");
This, however, is not safe for obvious reasons. You should always allow as minimum external access as possible.
Recently I had the same issue. What I did was just use my own server, make the request from there to the api, and just have the script make the request to my server instead (from which you can set the access control header). So basically, instead of making the request to the third party client-side (from javascript), make it server-side and then get that data from your server via javascript.
I'm struggling for quite some time already with issuing a simple GET request to a 3rd party REST Api. I've read a bit of tutorials and SO questions but I just can't get it to work. I am getting one of two errors
Response for preflight is invalid (redirect)
or (if via https)
Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://localhost:8433' is therefore not allowed access.
About 2nd message: Is it just a problem with the server not supporting CORS?
My code:
var xmlHttp = new XMLHttpRequest();
var url = 'https://inspirehep.net/record/451647?of=recjson&ot=recid,number_of_citations,authors,title'; //http or https, tried both
/*
doing sth with response here like populate dropdown etc.
*/
xmlHttp.open('GET', url, true);
xmlHttp.setRequestHeader("Access-Control-Allow-Headers", "Content-Type, X-Requested-With, Cache-Control");
xmlHttp.setRequestHeader("Content-Type", "application/json");
xmlHttp.setRequestHeader("Access-Control-Allow-Origin", '*');
xmlHttp.setRequestHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS");
xmlHttp.setRequestHeader("Access-Control-Allow-Credentials", "true");
xmlHttp.send();
Whole app is running on node.js server (localhost) and the script above is included as separate file in .html view.
I can correctly get json response from web-browser, fiddler, postman etc. for this API. I also tried different APIs (e.g. Openweather API) thinking that it's the problem with server configuration, but the result was the same.
I would be thankful for any help - maybe i'm just misunderstanding something about CORS.
you cannot set headers from the browser, if the target url runs on your server or a server that you manage and that server runs nodejs you can use cors https://www.npmjs.com/package/cors, however, if this is a third party url and it doesn't not allow CORS, then you should make the request from the your back-end through configuring a proxy from your server to third party server, that should resolve your problem.
The answer on CORS with nodejs is most likely right, but I want to suggest that you run a test to make sure your code works fine as well.
Try with Chrome and download an extension to allow CORS. This way you will test the functionality first before trying the right solution.
Late to the party...
http://cors-anywhere.herokuapp.com/ is great, but you don't need it if you are using XMLHttpRequest() and a GET method. Simply exclude your header requests...
var xhr = new XMLHttpRequest();
xhr.open( "GET", YOURURL );
//OMIT THESE...
//xhr.setRequestHeader('X-Requested-With', 'XMLHttpRequest');
//xhr.withCredentials = true;
//xhr.setRequestHeader( 'Content-Type', _contenttype );
//xhr.setRequestHeader( 'CrossDomain', 'true' );
//....
xhr.addEventListener( 'load', function () {
xhr.responseJSON = JSON.parse( xhr.responseText );
alert( xhr.responseJSON);
});
xhr.onerror = function(e) {
alert("Ajax request error");
};
xhr.send( JSON.stringify({}) );
I'm attempting to create a Chrome extension that connects to my web server over secured connection to enable user authentication.
My web server implements Spring Security solution and I was able to access my services when the security filter was turned off (http://1.2.3.4:8080/path/to/api)
When I try to access the login via https://1.2.3.4:8443/path/to/auth the XHR receives status code 0 for async requests and 'Error: INVALID_STATE_ERR: DOM Exception 11' immediately after calling xhr.open('POST', url, false); (which is a sync call) method.
var xhr = new XMLHttpRequest();
xhr.onreadystatechange = checkResponse;
xhr.onerror = handleError;
xhr.open('POST', loginUrl, true); // tried async and sync
xhr.withCredentials = 'true'; // tried with and without
xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
xhr.send(loginContent);
My manifest file requests permission for both http://*/* and https://*/* (I even tried setting it to <all_urls>).
What am I doing wrong and if such login attempt sounds possible?
Edit / Addition
I tested a login attempt to the https url with Poster plug in for FireFox and managed to authenticate myself from the same computer the Chrome attempt was made - so the server and the auth path are reachable outside Chrome extension.
Another Edit / Addition
When changing the authentication to HTTP instead of HTTPS I was able to authenticate myself via the extension. Seems like HTTPS requests are blocked even that I requested for the required permissions.
Itunes is based on Webkit platform and we can't use cross-site XmlHttpRequest in JavaScript because of security policy. But, as a exception, we can do that with a special header.
Here is source code and I did it successfully in Safari:
var url = 'http://mysite.net/canvas.php';
var mybody = "<?xml version='1.0' charset='utf-8'?><person><name>Arun</name></person>";
var http = new XMLHttpRequest();
http.open("POST", url, true);
http.setRequestHeader("X-PINGOTHER", "pingpong");
http.setRequestHeader('Content-Type', 'application/xml');
http.setRequestHeader("Content-length", mybody.length);
http.setRequestHeader("Connection", "close");
http.send(mybody);
I sent xml data to my server and get return response successfully in Safari browser but i can't do it in iTunes LP environment. So what is the problems?
I don't know what iTunes LP environment is but normally, if you need to do cross site scripting you'd use JSONP. Look into that. I'm sure you can find loads of examples.
JSONP is good option, but in order to do that, you need to create the service to provide the feature of JSONP.
But, you not may the owner for that.
You can go with proxy to send the XmlHttpRequest which you can use Flash as proxy.
You can find better example here