Currently, I am sending http requests using request module to an URL in nodejs program as
request('http://example.org/upload',function(error,response,data) {})
But I wish to send the http request to example.org dynamically to route to "upload" or "login" or "logout" based on the value stored in variable something like
var dynamic= "upload"
request('http://example.org/dynamic',function(error,response,data) {})
Above code is not working as expected as it is routing to dynamic in example.org. what should I do inorder to send the requests as desired?
Related
HttpClient
Request
From my understanding, I am supposed to create a Requests first before creating a HttpClient to send my requests. I'm unsure on what the parameter is asking for in the Request method:
new Request(method, path, opt_data)
path - The path on the server to send the request to.
What path is this referring to?
I tried using server URL for path but got no response. Unsure on what to key in for the path parameter.
I have a Java Spring REST back-end (#RestController) and using as security option Json Web Tokens(no session). At the front-end I want to use JavaScript (jQuery to send requests to back-end), Html.
So after login I save a JWT in browser and send it back in header with every request I make to #RestController.
My question is: How to navigate between pages (that are accessible only for authenticated users) from js? How #RestController will work in this case?
The #RestController handle the requests containing a path (the path of the request is not necessary to be the same with the path(URL) from front-end)
Solution (if you have a front-end server): When you try to reach a front-end URL you make a call to the server-side; if the response status is 200 the page can be displayed(with the body of the response if you send information); if the response is not you will stay on the home page, or you can redirect the user to login page...
Also check this : http://www.studytrails.com/frameworks/spring/spring-security-method-level/
I have a cms, where am using laravel as web api, angularjs for requests.
I have an iframe where I call to services with a direct link and put it usig trusted src function.
The main problem is, I can not use a normal http post request and hide parameters, because using http request will return data, not file, and the report api returns in headers, an html file, pdf ... etc) so when i get result to the success of my http request, it won't download pdf file, it will show special chars
in the i frame am calling the api like this :
"localhost/api/getreportService/"+$scope.brandid+"&"+$scope.customerid"
but that's cannot be secure, is there any way to hide the request here from users?
ok, I found a solution, I called the api via http post request then I used $sce tustAsHtml for the response, with a ng-bind-html in my template and the result is good now, the report is showing in the div,
Now all is safe, the user needs a token to access the report, and that's impossible without a login.
I'm making an GET request to my server with AJAX+JS. I'm using it to delete file like this:
delete.php?file_id=0123456789&user=555555
When I send GET request delete.php will delte file with ID 0123456789, but is there a way to accept only request that server makes to itself.
For example if user opens new tab and types www.mysite.com/delete.php?file_id=0123456789 server will decline that request, but if I call it with JS function server will accept the request.
How about using X-XSRF-TOKEN
in combination with Angular JS?
This will require your webapplication to generate and check this token, but your AJAX request will be authenticated.
I have the following situation: I have two applications that I need to make talk to each other: a JSF login page and an angular-js application. I cannot modify the JSF login page. I can modify the angular application.
A user logs in by accessing the JSF login page. A user access the JSF page from a browser and fills the log in form. If successfully authenticated, JSF will produce a token and send that token in a header with a redirect to the index.html that has the angular-js application. How can the angular-js application grab that token from that redirect?
It depends on from what kind of request do you need headers.
In case of xhr, most probably you will do your requests with http service. Its promise gets (in both states: failed and succeed) an object as an argument with a header() method, the one you need. You can get more information here:
The response object has these properties:
data - {string|Object} – The response body transformed with the transform functions.
status - {number} – HTTP status code of the response.
headers - {function([headerName])} – Header getter function.
config - {Object} – The configuration object that was used to generate the request.
statusText {string} – HTTP status text of the response.
EDIT
There are difficulties when you need to get headers not from an xhr but from the initial page request, before angular is bootstrapped. Unfortunately javascript can not access them.
One solution could be using cookies instead of header to store the data you need. But in this case you should do some changes on the request emitter side.
The other way, could be handling requests on the server, before html is being provided. Afterwards, you can pass them directly in markup, or remember them somehow, and send an xhr request for them directly from angular. But if you have a simple static page, you won`t be able to achieve it.
I think you have to create a http interceptor that will get the header from the http request, than store it in a cookie or in the local storage.
EDIT:
Try this:
module.factory('myTokenInterceptor', ['$cookies', function($cookies) {
var myTokenInterceptor = {
'request': function(config) {
if (config.url=='index.html')
{
var myToken=config.headers['myToken'];
$cookies.put('myToken', myToken);
};
}
};
return myTokenInterceptor;
}]);
module.config(['$httpProvider', function($httpProvider) {
$httpProvider.interceptors.push('myTokenInterceptor');
}]);
"module" can be anyone of your angular app modules.
In your controller, you can get the value of the token by using:
var token=$cookies.get('myToken');
I do have similar scenario.
Authenticating user by JSF Application login page (App1), and on link click invoking servlet, inside doPost() creating Cookie with token/JWT and adding cookie into responds header and redirecting to Angular JS ( App 2).
Angular app reading token from cookie and working well in local environment.
but the same not working with real domain name. getting cookie undefined.
Inside doPost() Domain.com/App1
Cookie cookie = new Cookie("AUTH_SESSION", URLEncoder.encode(
token, "UTF-8"));
cookie.setDomain(domain.com);
cookie.setMaxAge(30);
cookie.setHttpOnly(false);
cookie.setPath(“/”);
response.addCookie(cookie);
String redirectUrl = bean.getRedirectServletUrl();
response.sendRedirect(redirectUrl);
Inside AngularApp
Domain.com/app2
angular.module('app').service('CookieInitializer',
['$cookies', 'Session', '$location', CookieInitializer]);
function CookieStateInitializer($cookies, Session, $location) {
var init = function() {
var cookie = $cookies.get('FS_SESSION'); // undefined when using domain name
both application are differentiated by context path. and proxy added to make both application working with same domain name.
Domain.com/app1
domain.com/app2 --> apphost.com:443