I am working on a FireFox Extension...
I would look to make a http post to a desired url.
I am looking to do something similar to this post.
HTTP POST in javascript in Firefox Extension
I have also read through Mozilla including... https://developer.mozilla.org/en-US/docs/Learn/HTML/Forms/Sending_forms_through_JavaScript "Using FormData bound to a form element"
The URL(Lambda Function) I am sending this to is not receiving the request. I have not been heavily exposed to javascript. Also, I don't know if there is something I am missing since this is being built as a Firefox Extension.
I have implemented this is my code.
document.addEventListener("submit").addEventListener("click", function(){
var params = "test=test"
var req = new XMLHttpRequest();
req.open('POST', 'https://sdlurjb3zi.execute-api.us-west-2.amazonaws.com/contMang');
req.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
req.send(params);
});
The Project is format as so
chcFolder
manifest.json
tabchc.
--dasForm.css
--dasForm.html
--dasForm.js
Related
using curl I can send a POST request to
"http://myusername:mypassword#SomeURL" to trigger an action
Using xml http request I've tried doing the same thing but running the following code:
xhttp = new XMLHttpRequest();
xhttp.open("POST", "http://myusername:mypassword#SomeURL", true);
xhttp.setRequestHeader("Content-Type", "text/plain");
xhttp.send();
Greets me with the error:
POST http://myusername:mypassword#SomeURL 403 (Forbidden)
Now why would this be ? Is accessing an url like this via a browser, curl, arc... etc different from accessing it via .js ?
Furthermore I've tried posting to said url using the action of a form and it worked swimmingly, but I'd prefer to get things done in JavaScript if possible for this specific task.
So... ahm, any ideas ? The documentation behind the XMLHttpRequest that i've seen has been rather lack-luster for a technology that "carries the modern web upon its shoulders".
Necessary reading to solve this question:
Basic Authentication With XMLHTTPRequest
How can you encode a string to Base64 in JavaScript?
I am deliberately not adding a code sample; the linked questions have everything you need.
Sounds like you might need to enable CORS (cross-origin resource sharing)
I'm trying to hack my back-end, which exposes a REST API. The worst thing that can happen to my database according to firefox CORS policy is that I can create a new object with POST request, as it does not need a preflight. This is the simple code (I'm running it via jsfiddle, but it shouldn't mean a thing)
var xhttp = new XMLHttpRequest();
xhttp.open("POST", "http://127.0.0.1:8000/api/v1/company", true);
xhttp.withCredentials = true;
xhttp.setRequestHeader('Content-Type', 'text/plain');
xhttp.send('{description:"This company was added by pure hacking"}');
But I'm getting an error in the console:
Blocked loading mixed active content "http://127.0.0.1:8000/api/v1/company"
The error is not because of SOP, its a mixed content error, that is making an http request on a https page.
jsfiddle defaults to https but allows http, but only on saved fiddles.
Change the url of your fiddle to use http instead of https
I have a web application that was working just fine until someone implemented a CSRF fix on our server. Now we can't call POST requests without including a particular header in our http request. This broke a file download that requires a POST request to fetch the data instead of using the GET url parameters.
I have a fix that does an ajax POST request (with post data) using the new X-CSRF header. This works, and it returns the correct content-disposition response header. The problem is that you can't get the browser to open a "Save As" dialog, or auto download.
In chrome/firefox, I did a hack where you add a dummy Anchor tag with a data URI and click it:
Internet explorer doesn't like data URIs or clicking this href with javascript.
I can't use flash as an option because the customer wants the product to work with flash.
Iframes don't work because you can't send custom http headers with Iframes.
You can add Jquery to a form that POSTs to the url, but it doesn't trigger the "Save As" or download browser interaction.
Is there any solution that actually works with IE 9 or 10?
Ok, so this works in IE10
http://msdn.microsoft.com/en-us/library/ie/hh779016(v=vs.85).aspx
Assuming you setup an XHR with arraybuffer response type
var xhr = new XMLHttpRequest();
xhr.open("POST", "/lamo_api", true);
xhr.responseType = "arraybuffer";
xhr.setRequestHeader('X-CSRF', getCSRFToken()); // getCSRFToken() returns a string
xhr.onload = function() {
var blob_builder = window.MSBlobBuilder();
builder.append(xhr.response);
var blob = new Blob(buffer, {'type': mimeType || 'application/octet-stream'});
window.navigator.msSaveBlob(blob, filename);
};
xhr.send(xml_post_data);
Still looking for a IE9 answer...
I run a service where there is a javascript file that is called and self executed on a user's site.
This then calls an external server every 10 or so seconds with a bunch of variables.
I used to do this by using a createElement('script') and then setting the path to a file on the external server and passing the required variables across by means of GET variables. (works well for small URI's)
This worked really well and seemed to work cross browser as well with no undesired effects.
The problem I then ran into was when I needed to extend the amount or size of the variables that were being sent across. So obviously I decided to change from GET method to POST, but by doing that I could no longer use the createElement('script') trick and had to opt for the XMLHttpRequest() (ala Ajax - without jQuery) method which worked really well, except for the minor problem of having to also cater for Internet Explorer and Opera which didn't really play ball too well (big shock). So I used the following:
function createCORSRequest(method, url){
var xhr = new XMLHttpRequest();
if ("withCredentials" in xhr){
xhr.open(method, url, true);
} else if (typeof XDomainRequest != "undefined"){
xhr = new XDomainRequest();
xhr.open(method, url);
} else {
xhr = null;
}
return xhr;
}
var request = createCORSRequest("post", "http://xx.xxxx.com/");
if (request){
request.onload = function(){
//do something with request.responseText
};
request.send(myPostObjectDataVariableGoeshere);
}
..which I found over at this page
This is basically just a fallback to using the XDomainRequest() method which InternetExplorer wants you to use instead..
Fantastic, BUT -> Looking in the Console of Developer Tools in IE it says:
SEC7118: XMLHttpRequest for http://xx.xxxx.com/ required Cross Origin Resource Sharing (CORS).
SEC7120: Origin null not found in Access-Control-Allow-Origin header.
SCRIPT7002: XMLHttpRequest: Network Error 0x80070005, Access is denied.
But what's really odd about this is that I've already got the following as the first line in my backend PHP file that is being called (which works for other browsers...)
header('Access-Control-Allow-Origin: *');
Someone please tell me what's wrong here.. Also if there is a better way to be doing this instead of fighting the browser wars..
Note: I cannot use jQuery for this task!
You should try jQuery for this task. Its much easier and don't have that problem with IE.
http://api.jquery.com/jQuery.ajax/
IE unfortunately block Cross Origin requests, i believe there is no simple way to get around it by script only, but you can try tuning the options or via my proxy script.
Tuning the options
Internet Explorer ignores Access-Control-Allow headers and by default prohibits cross-origin access for Internet Zone. To enable CORS go to Tools->Internet Options->Security tab, click on “Custom Level” button. Find the Miscellaneous -> Access data sources across domains setting and select “Enable” option.
Proxy Script on local server as a Bridge
Previous post:
Remote POST request with jQuery and Ajax
This is for you to place a PHP script on a local server and do a local AJAX request and proxy to the remote server for good.
Itunes is based on Webkit platform and we can't use cross-site XmlHttpRequest in JavaScript because of security policy. But, as a exception, we can do that with a special header.
Here is source code and I did it successfully in Safari:
var url = 'http://mysite.net/canvas.php';
var mybody = "<?xml version='1.0' charset='utf-8'?><person><name>Arun</name></person>";
var http = new XMLHttpRequest();
http.open("POST", url, true);
http.setRequestHeader("X-PINGOTHER", "pingpong");
http.setRequestHeader('Content-Type', 'application/xml');
http.setRequestHeader("Content-length", mybody.length);
http.setRequestHeader("Connection", "close");
http.send(mybody);
I sent xml data to my server and get return response successfully in Safari browser but i can't do it in iTunes LP environment. So what is the problems?
I don't know what iTunes LP environment is but normally, if you need to do cross site scripting you'd use JSONP. Look into that. I'm sure you can find loads of examples.
JSONP is good option, but in order to do that, you need to create the service to provide the feature of JSONP.
But, you not may the owner for that.
You can go with proxy to send the XmlHttpRequest which you can use Flash as proxy.
You can find better example here