I followed the tutorial to generate and use access tokens. Now, i get it just fine and put it in the options argument of the Autodesk.Viewing.Initializer.
My issue is that, i got to call the route using jQuery and as such, the response is visible from the network tab in devtools.
Is there a way to completely hide it?
Thanks in advance.
you may try with the mechanism of token proxy which is described at:
https://forge.autodesk.com/blog/proxying-forge-viewer
or
https://forge.autodesk.com/blog/securing-your-forge-viewer-token-behind-proxy
Related
I try to fetch all product data list in json from WooCommerce API and type address bar http://www.batata.in/wc-api/v3/orders. But it give an error:
{"errors"[{"code":"woocommerce_api_authentication_error","message":"oauth_consumer_key parameter is missing"}]}
I tried all things but issue is not fixed. Rest API is on.
If anybody know any other way to find product list in json format from WooCommerce WordPress plugins, then please tell me.
I have faced the same problem. After some research, I have solved this issue. Kindly check that your site secure or not [http or https]. I missed the "s" for http.
Please note that you need to provide consumer key, nonce, signature with your rest api call. Following is the format which worked for me.
http://SomeURL.com/wc-api/v2/orders?oauth_consumer_key=########&oauth_timestamp=######&oauth_nonce=#############&oauth_signature_method=HMAC-SHA256&oauth_signature=##########################
For generating nonce and signature I recommend you use some wrapper available for your platform. I used php so got a nice library here.
https://github.com/woocommerce/wc-api-php
Important:- Even after following all above steps correct I got the same issue you faced. It kept giving me error "oauth_consumer_key parameter is missing" which actually was misleading. The issue I figured out was the basic http auth. I had http authentication in place so the curl request I used to fire was returning 401 unauthorized. If you are using php you will understand following line.
curl_setopt($this->ch, CURLOPT_USERPWD, "USERNAME:PASSWORD");
And it worked. So point here is you can try this or play around with your curl/socket or any client you are building and don't focus on the error message as it is misleading most of the time.
Sandipa Mukherjee's answer is right.
For http:// additional oauth parameters are required, because it's not safe.
My suggestion is to use the https:// server for wordpress.
Please refer to https://scriptstown.com/how-to-setup-cloudflare-ssl-and-configure-origin-certificate-for-apache/
In Ruby on Rails you can place the access control headers in the Application Controller. What about Padrino? where do you place them? I've tried placing them in the method of a Controller I need to use different headers and inside app.rb, but it doesn't workout... any ideas?
As Nikhil mentioned it, setting the response headers yourself is a great way of doing it and being in control of what's happening.
If you put them on a before block in app.rb they will apply to the every route in your app which I guess is what you're trying to achieve here.
Just be careful on which permissions you grant. I find this MDN guide a great resource for CORS headers.
I'm trying to replicate a request I make on a website (ie zoominfo.com) using the same http POST parameters using chrome rest console, but it fails for some reason. I'm not sure if there is a missing field or it's not working because the origin of the request isn't valid.. can someone point me out in the right direction? Below is a detailed explanation of the experiment:
ORIGINAL CASE
basically if I go to zoominfo.com (registered and all) I see a form page that I need to fill:
if I hit enter.. the site makes an ajax call. If I open the chrome web dev tools, and open the network tab, I see the details of the ajax call:
notice the body of the POST has the name John Becker in it:
{"boardMember":{"value":"Include","isUsed":true},"workHistory":{"value":"CurrentAndPast","isUsed":true},"includePartialProfiles":{"value":true,"isUsed":true},"personName":{"value":"john%20becker","isUsed":true},"lastUpdated":{"value":0,"isUsed":true}}
the response is shown under the respones tag:
WHAT I'M TRYING TO DO
basically replicate what i've done above using a REST console (note: so there is nothing illegal here.. i'm just replacing a chrome browser action with a rest client action.. i'm not hacking anyone and i'm not getting information I can't get the normal way, but if someone feels otherwise.. please let me know)..
so I plug in the same parameters as above into the rest console:
now i'm not sure about authentication.. but just to be safe, i entered the same user name and pwd i have for the site into the REST console:
but then I keep on getting an error as a response to my rest console's request:
UPDATE: CORRECT ANSWER:
so according to JMTyler's answer.. I had to simply include criteria in the RAW body, and convert it to url encoding.. in addition to that, I had to explicitly set the encoding in the rest console body..
looking at the chrome inspector more closely, it turns out that I simply had to click on view source:
to get the url-encoded value that I needed to put in the RAW body in the rest console:
I also had to set encoding to gzip,deflate,sdch and things worked fine!
The form is posting all that JSON under the field criteria. You can see this in the screencap of the chrome dev console you posted.
Just start your raw body in rest console with criteria= and make sure the json has been url-encoded. That should do it.
No authentication is needed because none is passed through the headers in your screencap. Any cookies you have when you load the page normally will also be loaded through rest console, so you don't need to worry about explicitly setting them.
Reading your problems I'll make an educated guess:
zoominfo does not provide an RESTful API.
Rest-Console understands and uses HTTP Authentication, which is different from the authentication handler zoominfo implemented.
A possible way to work around may be:
Make a call to the login-page via rest console. you'll get back cookies and a lot more.
In subsequent requests to zoominfo be sure to include those cookies (likely holding some session information) in your request, therefore acting like a browser.
Hy,
I'm working on a jsFiddle with a openlayers example in it.
http://dev.openlayers.org/releases/OpenLayers-2.11/examples/snapping.html
At the moment it's not working because it's not getting a response for the http request to get data. How do I fix that?
The jsFiddle is here: http://jsfiddle.net/TcuxA/6/
Go to the line "// create three vector layers" in the script.
There are 3 requests for data. If you type the URLs in your browser you get the JSON, but my firebug gives 3 errors when I run the jsFiddle.
I tried fixing with jsFiddle echo ( http://doc.jsfiddle.net/use/echo.html ), but that didn't work. I don't know how to change the script to load the data otherwise.
Why can't I get the json by these URLs? What are good sollutions?
What you are experiencing is an exception being thrown by the XMLHttpRequest object, because you are using AJAX to call elements from different domain. This is better said, for example, in here:
"The XMLHttpRequest object is prevented from calling web services from outside its own domain. This is sensible given that if you called a script in one place and it, in turn, called a script on another server, it could leave an application open to all sorts of malicious scripts, hacks and exploits."
So the easiest way to do is to code it locally and call a local copy of the files (poly.json, line.json and point.json) that would reside on your local server. For testing if all displays on a map you could hard-code the files into your code. I am not sure how it could be achieved otherwise.
A good solution can be this : using github responses . You can store your example in github, along with the predefined XHR requests responses.
I have a simple RESTful web service and I wish to test the PUT method on a certain resource. I would like to do it in the most simple way using as few additional tools as possible.
For instance, testing the GET method of a resource is the peak of simplicity - just going to the resource URL in the browser. I understand that it is impossible to reach the same level of simplicity when testing a PUT method.
The following two assumptions should ease the task:
The request body is a json string prepared beforehand. Meaning, whatever is the solution to my problem it does not have to compose a json string from the user input - the user input is the final json string.
The REST engine I use (OpenRasta) understands certain URL decorators, which tell it what is the desired HTTP method. Hence I can issue a POST request, which would be treated as a PUT request inside the REST engine. This means, regular html form can be used to test the PUT action.
However, I wish the user to be able to enter the URL of the resource to be PUT to, which makes the task more complicated, but eases the testing.
Thanks to all the good samaritans out there in advance.
P.S.
I have neither PHP nor PERL installed, but I do have python. However, staying within the realm of javascript seems to be the simplest approach, if possible. My OS is Windows, if that matters.
I'd suggest using the Poster add-on for Firefox. You can find it over here.
As well as providing a means to inspect HTTP requests coming from desktop and web applications, Fiddler allows you to create arbitrary HTTP requests (as well as resend ones that were previously sent by an application).
It is browser-agnostic.
I use the RESTClient firefox plugin (you can not use an URL for the message body but at least you can save your request) but also would recommend curl on the command line.
Maybe you should also have a look at this SO question.