I'm making an GET request to my server with AJAX+JS. I'm using it to delete file like this:
delete.php?file_id=0123456789&user=555555
When I send GET request delete.php will delte file with ID 0123456789, but is there a way to accept only request that server makes to itself.
For example if user opens new tab and types www.mysite.com/delete.php?file_id=0123456789 server will decline that request, but if I call it with JS function server will accept the request.
How about using X-XSRF-TOKEN
in combination with Angular JS?
This will require your webapplication to generate and check this token, but your AJAX request will be authenticated.
Related
I have following use case:
launch browser -> newPage()
open website (www.mypage.com) to get default cookies
execute a POST request with query parameters (www.mypage.com/special-informations) to get special cookies
open required page (www.mypage.com/something)
How can I execute this POST request and go on with my normal GET request?
Is there a way that once request received from a specific URL then the doPost will trigger and if incorrect URL will send error response back?
Only the url query parameters sent from the client are accessible server side. The origin header is not accessible server side. So, if you POST to
https://script.google.com/[DEPLOYMENT_UD]/exec/?secret=udggurahtdlDCkyyrxkymjgugsutdoyfitsittjrsktdwqFusuuwUrsDdfgUTT
from client, The secret is accessible from doPost(e) in e.parameter.secret and you may be able to verify it, but you cannot check the Host sending the request.
A software that i'm using(https://camlytics.com/) sends a request to a webhook whenever a particular event occurs, now i want to process that request but the problem is that the request is sent with the following headers as empty
content-length
content-type
Due to this reason my node code completely ignores the request. I have verified that the request is actually being sent via creating a webhook # webhook.site.
I fail to understand if webhook.site can show and process that request, why cant node do it? the code easily processes all other get requests.
Would appreciate if someone could either
help me process the request as in make it accessible via the code
if somone with experience on camlytics help me configure it in such a way that i can configure the headers of the request.
I have tried this on serverless azure function which is supposed to trigger for all HTTP requests but event that doesnt trigger, neither does it trigger on my local NODE server.
This is the request details that webhook.site shows me
Camlytics webhooks seem to work OK if you add Content-Type application/json to the Headers properties box for the HTTP Response node.
I've a JS (Angular) client that makes a PUT request (REST API) to server and server sends back a large payload that I'm not using in the client currently.
Is there a way to just fire the request and ignore any response that comes back? The main need here is to avoid the data cost incurred by receiving that payload. I've looked at closing the connection once the request is fired, but am not sure if that's the best way to handle this.
If able, I think the only way to change this would be to change the api endpoint to not include a payload from the put request.
I'm assuming you are using angular's http class and using Observables. But even if you aren't, your angular client is going to need to read the response status sent back from the server to determine whether or not the put request was successful or not. In order to read the status, you'll need to response, and unfortunately the full response sent from the server.
You could close the connection right after the request, but as I've mentioned you'll have no way of knowing whether or not the request was successful.
To ignore the request just don't do anything if the request is successful.
If you don't want the request to exist at all then do it on the backend.
Currently, I am sending http requests using request module to an URL in nodejs program as
request('http://example.org/upload',function(error,response,data) {})
But I wish to send the http request to example.org dynamically to route to "upload" or "login" or "logout" based on the value stored in variable something like
var dynamic= "upload"
request('http://example.org/dynamic',function(error,response,data) {})
Above code is not working as expected as it is routing to dynamic in example.org. what should I do inorder to send the requests as desired?