MooTools CORS request vs native Javascript - javascript

I have this MooTools code:
new Request.JSON({
method: 'POST',
url: URL, /*URL TO ANOTHER DOMAIN*/
onSuccess: function(r){
callback(r);
}
}).post(data);
And this code doesn't send POST requests (OPTIONS only)...
Look at the code below (it works great):
var http = null,
params = Object.toQueryString(data);
try {
http = new XMLHttpRequest();
} catch (e) {
try {
http = new ActiveXObject("Msxml2.XMLHTTP");
} catch (e) {
try {
http = new ActiveXObject("Microsoft.XMLHTTP");
} catch (e) {
http = null;
alert("Your browser does not support AJAX!");
}
}
}
var url = URL;
http.onreadystatechange = function () {
if (http.readyState == 4 && http.status == 200) {
var jsonData = JSON.parse(http.responseText); /*OR EVAL*/
callback(jsonData);
}
};
http.open("POST", url);
http.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
http.send(params);
EDIT:
Tried: .setHeader('Content-Type','application/x-www-form-urlencoded');
Still nothing... Where can there be a problem?
Thanks!

This is because MooTools bundles some extra stuff with the request headers.
eg. if your htaccess says:
Header set Access-Control-Allow-Origin: *
you need to craft your request like that:
var foo = new Request({
url: 'http://fragged.org/Epitome/example/data/',
method: 'get',
onComplete: function (data) {
// returns an object with name and surname
new Element('div[html="{name} {surname}"]'.substitute(JSON.decode(data))).inject(document.body);
}
});
// need to remove that or CORS will need to match it specifically
delete foo.headers['X-Requested-With'];
foo.send();
This is why you are only seeing the OPTIONS pre-flight. It does not like you :)
You could change the .htaccess to also match X-Requested-With, which is probably some extra "security".
See http://jsfiddle.net/7zUSu/1/ for a working example - I did that a while ago when I wanted to get this change to Request https://github.com/mootools/mootools-core/issues/2381 fixed.

What do you mean by (OPTIONS only)? Both examples sends POST request, only difference is in Accept request headers.
MooTools sends Accept: application/json, while native sends Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8.
This may affect how the server responds.

Related

Unable to make ajax requests in node.js

I am running a nodejs server to run my website, and I want the backend server to make a call to an api on an external server. I tried the following, basic and straightforward method:
router.post('/calculate', function (req, res) {
var data = /*some json object*/
var xmlhttp = new XMLHttpRequest();
xmlhttp.open("POST", "some.server/pricing");
xmlhttp.setRequestHeader("Content-Type", "application/json");
xmlhttp.send(JSON.stringify(data));
xmlhttp.onreadystatechange = function() {
if(xmlhttp.status == 200)
{
var str = xmlhttp.responseText.toString().trim()
dd = JSON.parse(str);
res.send(dd);
//res.end();
}
};
});
When I run this I get:
_http_outgoing.js:346
throw new Error('Can\'t set headers after they are sent.');
^
Error: Can't set headers after they are sent.
The issue seems to be in res.send(dd);
EDIT:
Upon further investigation, it seems like xmlhttp.onreadystatechange happens twice with status 200, and res.send is called twice. I created a temporary hack to fix this using a boolean flag, what is the rpoper nodejs way to fix this?
What is the most straightforward way of making such a call in nodejs? I want this done on the server side. I am not using any libraries like express. Thanks
Easy do it with request package
var request = require('request');
request({
url: 'some.server/pricing',
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
form: data
}, function (err, res, body) {
if (err) res.send(err)
else res.send(body)
});
After a lot more investigation, I found out that res.send was being called twice. The reason this was happening was because the xmlhttp object changes its state several times:
http://www.w3schools.com/ajax/ajax_xmlhttprequest_onreadystatechange.asp
I fixed the code to:
if (xhttp.readyState == 4 && xhttp.status == 200)
Now everything works properly.

Any way to make AJAX calls to Gmail API without going through JS library?

A simple guide to making a GET request to get a user's messages through Gmail API can be found here.
But the way we are instructed to do the request is in the following manner:
function getMessage(userId, messageId, callback) {
var request = gapi.client.gmail.users.messages.get({
'userId': userId,
'id': messageId
});
request.execute(callback);
}
Is it possible to make the request using the good ol' XMLHttpRequest object on the client side? If so what parameters should be passed into the call?
I have tried this:
var getMessages = function() {
var xhr = new XMLHttpRequest();
xhr.onreadystatechange = function() {
if (xhr.readyState == 4 && xhr.status == 200)
console.log(xhr.responseText);
}
xhr.open( "GET", "https://www.googleapis.com/gmail/v1/users/me/messages", true );
xhr.send();
}
But I get a 401, even after authenticating.
As it states in this answer, you should pass the access token as a query parameter with the name access_token, or prefix the authorization header value with "Bearer", like so:
xhr.setRequestHeader("authorization", "Bearer " + userToken.access_token);

Navigate to URL with custom request headers in JavaScript

Question just like the title.
In command line, we can type:
curl -H "header_name: header_value" "http://example"
to navigate to http://example with a custom request header as shown above.
Q: If I need to write a JavaScript to do the same thing, how should I do?
var url = 'https://example';
var myRequest = new XMLHttpRequest();
myRequest.open('GET', url ,false);
myRequest.setRequestHeader('header-name','header-value');
myRequest.send();
I tried this code, there is no syntax error but the page didn't change. Hence, I don't really know if I modified the request header(s).
Here is how you can handle this:
var req = new XMLHttpRequest();
req.open('GET', 'http://example', true); //true means request will be async
req.onreadystatechange = function (aEvt) {
if (req.readyState == 4) {
if(req.status == 200)
//update your page here
//req.responseText - is your result html or whatever you send as a response
else
alert("Error loading page\n");
}
};
req.setRequestHeader('header_name', 'header_value');
req.send();

XmlHttpRequest get callback response when request fails

I have a simple request I make to my service:
var request = new XMLHttpRequest();
request.open("OPTIONS", url, true);
request.setRequestHeader('Content-Type', 'application/json; charset=UTF-8');
request.setRequestHeader('Accept', 'application/json');
request.onreadystatechange = function () {
if (request.readyState != 4) {
return;
}
var authType = request.getResponseHeader("WWW-Authenticate");
makeRequest(...);
};
request.send();
}
So what I'm trying to achieve is make a call to my endpoint to see what's the authorisation type (basic or bearer) and then when I get the auth type I will make the actual request with the proper credentials.
If I make the request manually I get the 401 unauthorised which is normal but I also get the WWW-Authenticate: Basic ... in my headers. However if I do this javascript call it will just fail with 401:unauthorised but I don't get this failed response in my callback so the authType will be undefined.
I haven't used javascript before so the question is how can I get the response in the callback even if the request failed with unAuthorised ?
XMLHttpRequest has an onerror callback that you can use:
var request = new XMLHttpRequest();
...
request.onerror = function(){
if (this.status == 401) {
}
}
...
request.send();

WebAPI returning either XML or NULL, to Firefox (want JSON)

I have an ASP.NET WebAPI webservice that returns an object:
/// <summary>
/// upload a single file, as a new attachment, or overwrite an existing attachment
/// </summary>
/// <returns>new attachment, if created</returns>
[HttpPost, ActionName("uploadAttachment")]
public async Task<HttpResponseMessage> uploadAttachment(string jobid)
{
if (!Request.Content.IsMimeMultipartContent())
throw new HttpResponseException(HttpStatusCode.UnsupportedMediaType);
await Request.Content.ReadAsMultipartAsync(provider);
var attachment = [...];
return Request.CreateResponse(HttpStatusCode.OK, attachment);
}
... where "attachment" is a POCO object containing the information I need to return.
I'm calling it using XMLHttpRequest:
AttachmentService.prototype.uploadAttachment = function(jobid, name, imageData, notes, callback)
{
var url = [...];
var formData = new FormData();
formData.append('name', name);
formData.append('notes', notes);
formData.append('imageData', imageData);
var xhr = new XMLHttpRequest();
xhr.addEventListener('load', function(e)
{
var response = {};
if (e.target.status == 200)
{
response.success = true;
response.data = JSON.parse(e.target.response);
}
else
{
response.success = false;
response.message = e.target.message;
response.data = null;
}
callback(response);
});
xhr.open('POST', url, true);
//xhr.responseType = 'json';
xhr.setRequestHeader("authenticationToken", CORE.getAuthToken());
xhr.send(formData);
};
This works fine, in IE11 and Chrome. In Firefox 33, e.target.response is XML, not JSON.
I've done some browsing around the web, and have seen a number of suggestions, both client and server side. What seemed simplest was to specify the xhr.responseType, as in the comment in the code above.
And that doesn't work.
When I set "xhr.responseType = 'json'", e.target.response comes back null.
Ideas?
Additional info
Tried looking at the request headers in Fiddler.
In Chrome:
Accept: application/json, text/javascript, */*; q=0.01
In IE11:
Accept: */*
In Firefox:
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
So that does seem to be the problem.
You can set the header to application/json
x.setRequestHeader('Content-type','application/json; charset=utf-8');

Categories