I am reading a website project created on VS 2010 vb.net, where they have implemented a webservice.asmx in the same project to be called in javascript methods. In other words: the webservice is not implemented as API, it is a webservice.asmx where I can add methods to call database, and those methods are used in javascript functions.My questions are:
What is the importance of calling a webservice from javascript instead of making a postback to the server and retrieve data form there?
What about sessions? Does the webservice can view sessions of the user? I am asking this question because I can view some sessions filled as: HttpContext.Current.Session("UserID") = userId.
If it is possible to catch and fill sessions of the user pages, is it possible to have access to controls in asp pages of the same user? And Why?
I am a little bit confused with this webservice, what I know is that webservice runs on a server and is used as API in applications... this is the first time that I work with a webservice and website written in the same project, thank you.
1
Calling a WebService is a lot quicker than doing a PostBack, so if you want to only do partial updates of your website, a WebService is a good option to use (if you'd create the project from scratch, you'd use a Web API instead of an ASMX WebService). Of course, you have to integrate the result into the Web page on the client side. If you want to have asynchronous requests that lead to changes in the UI, you could also use an UpdatePanel on the ASPX-page.
It is also common to host the WebService in the same application as the Web frontend to avoid CORS issues.
2
The WebService can also access the session of the user if you set EnableSession on the WebMethod attribute to true. See this question for some pitfalls.
3
As the request to the WebService is a separate request it does not have direct access to a page's controls on the server (read in C#/VB.NET code), but you can change the HTML document tree on the client by using JavaScript.
If you need to share code on the server between the pages and the WebService, you should create separate methods in a helper/business logic class that are called by both the pages and the WebService.
To give an example, if both a page and the WebService need to get data from the database, you'd move the code for the database access from the ASPX page into a separate class (which is a good idea for many other reasons) and use the class both in the ASPX page and the WebService.
Related
First, I'd like to say this is part of a university undergrad project, so my knowledge will be limited.
I have a MySQL database set up with data and I want to click a button in HTML that queries the database and updates HTML table elements with returned data. I have done A LOT of reading and it always returns to nodejs which I have absolute beginner experience with. I have code set up to query my database with nodeJS which works fine, however, I see absolutely no solution to update the HTML dynamically and I refuse to believe it is not in some way possible. I have read about expressJS templating but this dynamic updating of data is expected to occur hourly from the database (the database is a dummy stand-in for a real-life one) and the expressJS templates are not a good fit at all.
How can I return nodeJS data to a HTML page without serving a new page each time? perhaps return server-side JS data to client-side JS? how does nodeJS allow the HTML to then load client-side JS files? I am unable to get a PHP install working so it's unfortunately not an option. I am open to any alternatives that allows HTML to MySQL connections.
Thanks
I'm not 100% sure what you have set up or what your level of knowledge is, but I hope I can help.
Sounds like you have your server running and querying your DB just fine, so that's good. Now you need to route that to your frontend. This is where expressJS usually comes in. It's a backend framework for creating API's in node. Think of it as a middleman. You send a request to your API, and your API makes a request to the DB and gives you what you want.
To make the request from the frontend, you can use the fetch() API. It's an asynchronous function used to make https requests and receive data. You then need to use that data to dynamically populate your html. Since it's done with javascript, it won't force a reload of the page either.
Feel free to ask questions and hopefully we can get you pointed in the right direction at the very least.
Im kind of new to this and looking to expand pulling API results and displaying them on page, whether it's from a blog resource or content generation.
For example, I want to pull from VirusTotal's API to display returned content. What is the best way to capture that in an input tag and display it in a DIV. And what if it were an option to pull from different API's based on drop down selection?
An example of the API to pull content would be here https://developers.virustotal.com/reference#api-responses under the /file/report section.
To call the data from the API, you need to send a request. However, there is a problem with CORS. Basically, you can't call the website from inside your web browser from a page on your local machine, because your browser blocks the request. The web browser will only allow calls to and from the same server, except for a few exceptions.
There's two ways to approach this.
The simplest one is to make a program that calls the API and outputs an HTML file. You can then open that HTML file to read the contents. If you want to update the info, you would need to run that program once again manually. You could easily do this building off the python they provided.
The other, little bit more complex way, is where you host a server on your PC. When you go to the webpage on that server, it sends a request to the website, and then provides the latest information. There's tons of frameworks and ways to do this. For an absolute beginner on this subject, ExpressJS is a good start. You can make a hello world program, and once you do that you can figure out how to call the API whenever a page is loaded, and display the results.
I am working on a Web Application developed & hosted on Domino R9 Server (Non Xpages Web Application). Each form has WebQueryOpen and WebQuerySave events implemented for the server side business logic. Problem is that on every page, when the page refreshes from the browser, application's home page/form is loaded. I want to maintain the state of a page in this application.
Moreover, is there any possibility of implementing an Ajax based session handling (backend) in case the page was idle for sometime and session expired. For example if a user was writing something in the Web Editor (implemented in CKEditor latest version) and if his session is automatically dropped he should be able to start with least hassle and his already written stuff may not be lost.
My suggestion is to not use WebQueryOpen and WebQuerySave. Instead write the application to use modern web technologies (Ajax, JSON, REST API), then you don't need to save and reopen the page all the time. Doing that will give you everything you want.
I would build the page using standard HTML and Javascript (or even jQuery), then make Ajax calls to agents on the server to read/write data.
I have given several presentations on exactly this, with plenty of code samples and even finished code to download:
http://blog.texasswede.com/mwlug-2015/
http://blog.texasswede.com/my-mwlug-presentation-2/
http://blog.texasswede.com/my-connect-2017-demo-code/
You can save the contents from all fields and CKEditor in a JSON string and also the UNID (or any "primary key") to the current entity (=page).
Afterwards, you can send this string to the server using AJAX, or as an alternative...
... have you tried using HTML5 local storage? See this page:
https://www.w3schools.com/html/html5_webstorage.asp
Tell us how do you continue!!!
I've set up ASP.NET Identity 2 in my MVC app to authorize users for both standard pages and Web API calls. Simply adding the [Authorize] attribute (with a few fixes) works just fine for preventing unauthorized access, but I also need the ability to get the current IPrinicple in the same way that I would use User.Identity in my MVC views and controllers. There are some things I can accomplish by using it in my views and controllers before they are handed off to Angular, but I also need to be able to read this value for things like creating menus based on the current user's role.
I've considered reading the ASP.NET Idenity cookies, but this requires decryption of the cookie, which I obviously won't be able to accomplish on the client side without revealing the decryption key.
Is there a way to pass off the User.Identity to Angular.js in a way that's consumable by the client side code?
I'm sure this question has been asked before, but I can't find a thread that explains it in a way that makes sense to me.
I'm creating a bookmarklet/browser plugin written in Javascript. This script makes calls to an api, effectively sending a users activity information from one site to another. (think, making a tweet when a user posts a facebook status)
This site loads javascript right into the site. The API I'm using requires an MD5 hash to be generated using an API secret code. This is no problem, I'm making an ajax call to a PHP script I'm hosting elsewhere, that returns the correct string.
Problem is I don't want the user to be able to make a call to this same script to generate their own strings, with the secret embedded to abuse the API. Is their a way I can only allow calls to this API when I want to make them?
Or maybe I'm approaching this from the wrong direction.
You cannot dictate how a client executes your javascript. There is no way to create a "secure" request, or insure that it wasn't modified by an attacker. This is the nature of the client/server system. The page its self can be modified using GreaseMonkey and any request can be modified or replayed using TamperData.
1) you should open a token on your DB like GUID.
this guid will represent some info and can only be executed once ( put a db field in table called "isAlreadyuse" -type bit).
now ,
when the ajax will call itself - you send this guid to the server.
the server will see if the guid exists
and emits its logic and update thefield to "1".