I'm new to JSONP and I'm trying to access a cross domain file hosted on my webserver.
UPDATE: I found another solution to fix my issue: I used CORS for JQUERY of http://www.html5rocks.com/en/tutorials/cors/
Here is my js file:
var url = "myip:port/pgif.jsonp?callback=?"
var url2 = "http://puppygifs.tumblr.com/api/read/json?callback=?";
$.getJSON(url2, {
tags: "jquery",
tagmode: "any",
format: "json"
}, function (data) {
console.log("d= ", data);
});
}
);
When I try with url2, it works well but when I try with url to access my file on my webserver it doesn't.
Here is what I can see in the Network tab of Chrome Dev tools with url2 which works:
Request URL:http://puppygifs.tumblr.com/api/read/json?callback=jQuery19107969533477444202_1386114768597&tags=jquery&tagmode=any&format=json&_=1386114768598
Request Method:GET
Status Code:200 OK
Request Headersview source
Accept:*/*
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en,fr-FR;q=0.8,fr;q=0.6
Cookie:__utma=189990958.626465526.1385955515.1385955515.1385955515.1; __utmc=189990958; __utmz=189990958.1385955515.1.1.utmcsr=sarajchipps.com|utmccn=(referral)|utmcmd=referral|utmcct=/2011/01/using-jquery-ajax-calls-in-a-chrome-plugin.html
Host:puppygifs.tumblr.com
Proxy-Authorization:Negotiate TlRMTVNTUAADAAAAGAAYAIQAAABiAWIBnAAAAAwADABYAAAAEAAQAGQAAAAQABAAdAAAABAAEAD+AQAAFYKI4gYBsR0AAAAPwICK4LzPlRZWoe1WgJ+erkYATwBYAFQARQBMAGIAYQBzAHQAaQBkAGUAZgBIAFEAMAAyADcANAAzADUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+t3F+qb2rUYkHj2KQg3XtAEBAAAAAAAAanrqyYLwzgG/iL4+KqlreQAAAAACAAwARgBPAFgAVABFAEwAAQAQAFMAWQBEAFQATQBHADAAMQAEACIAZQBuAHQALgBmAG8AeAB0AGUAbAAuAGMAbwBtAC4AYQB1AAMANABTAFkARABUAE0ARwAwADEALgBlAG4AdAAuAGYAbwB4AHQAZQBsAC4AYwBvAG0ALgBhAHUABQAiAGUAbgB0AC4AZgBvAHgAdABlAGwALgBjAG8AbQAuAGEAdQAHAAgAanrqyYLwzgEGAAQAAgAAAAgAMAAwAAAAAAAAAAAAAAAAIAAA+jYk8RidWxnk5XJtyRLc7j6jPZX/e7BWswB5GZeS2JYKABAAAAAAAAAAAAAAAAAAAAAAAAkAIgBIAFQAVABQAC8AMQAwAC4AMgAwAC4AMQA2AC4AMQAwADAAAAAAAAAAAAAAAAAA2S3kxHzp0FstuiERqIRwqQ==
Proxy-Connection:keep-alive
Referer:http://ip:port/MyApp/index.html
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.57 Safari/537.36
Query String Parametersview sourceview URL encoded
callback:jQuery19107969533477444202_1386114768597
tags:jquery
tagmode:any
format:json
_:1386114768598
Response Headersview source
Cache-Control:max-age=900
Connection:Keep-Alive
Content-Type:text/javascript
Date:Tue, 03 Dec 2013 23:52:57 GMT
Last-Modified:Sun, 03 Feb 2013 12:02:52 GMT
P3P:CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Proxy-Connection:Keep-Alive
Transfer-Encoding:chunked
Vary:X-UA-Device
Via:1.1 SYDTMG01
X-Cache-Metadata:
X-Robots-Tag:noindex
X-UA-Device:desktop
Here is what I can see in the Network tab of Chrome Dev tools with url which doesnt work:
Request URL:http://ip:port/pgif.jsonp?callback=jQuery1910627754604909569_1386116200762&tags=jquery&tagmode=any&format=json&_=1386116200763
Request Method:GET
Status Code:200 OK
Request Headersview source
Accept:*/*
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en,fr-FR;q=0.8,fr;q=0.6
Connection:keep-alive
Host:ip:port
Referer:http://ip:port/MyApp/index.html
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.57 Safari/537.36
Query String Parametersview sourceview URL encoded
callback:jQuery1910627754604909569_1386116200762
tags:jquery
tagmode:any
format:json
_:1386116200763
Response Headersview source
Accept-Ranges:bytes
Access-Control-Allow-Origin:*
Content-Length:6616
Content-Type:application/javascript
Date:Thu, 01 Jan 1970 02:02:33 GMT
ETag:"68647623"
Last-Modified:Thu, 01 Jan 1970 01:23:16 GMT
Server:lighttpd/1.4.30
So as you can see, in the last one, I added Access-Control-Allow-Origin:* in the config of my lighttpd webserver, which doesnt improve the situation.
so I dont really understand, I receive an Ok answer from the webserver but my success function is never called.
Here is the JSONP file I'm trying to access on my webserver:
var tumblr_api_read = {"tumblelog":{"title":"puppy gifs"},"posts-start":0,"posts-total":"18"}
So, I didn't managed to make the JSONP work with my web server but I found a different way to solve my problem:
I followed the "CORS from JQuery" from html5rocks.com/en/tutorials/cors
And I'm now able to read my file sitting on my webserver.
It seems like if I want to edit my file, I would need to configure my web server to be able to handle the preflight request. As explained in x3dom.readthedocs.org/en/latest/notes/cors.html
Related
I am using wildfly-9 with java-8 on windows OS.
I have implemented changes in spring-boot to support Range with gzip compression/encoding.
consider below pseudo code code to get GZIPOutputStream from javax.servlet.ServletResponse.getOutputStream()
OutputStream gzos;
if(fileName.indexOf(".") > 0){
fileExtension = fileName.substring(fileName.lastIndexOf("."));
response.setContentType(DownloadUtil.getContentType(fileExtension));
}
String disposition = getContentDispositionParameter(request, fileName);
response.setHeader("Content-Disposition", disposition);
if(fileExtension.equalsIgnoreCase(".zip") || DownloadUtil.isGZipSuppored(request)==false || fileExtension.equalsIgnoreCase(".file")){
response.setHeader("Content-Length", String.valueOf(fileSize));
gzos = response.getOutputStream();
} else {
response.setHeader("Content-Encoding", "gzip");
gzos = new GZIPOutputStream(response.getOutputStream());
}
return new BufferedOutputStream(gzos);
Using this BufferedOutputStream object to send file's data with some other headers.
Facing issue in case of interruption while download file in chrome browser(i.e. service re-start while download file)
For initial download request
accept-encoding = gzip, deflate, br is passed while after interrupted download, when user resume download chrome browser is sending
accept-encoding = identity
Due to this I am not able to identify whether browser is supporting gzip encoding or not & So, I need to send non-gzip response.
Note: In firefox I am getting accept-encoding = gzip in Range request.
Initial request request/response header
============== Request headers===============
host=localhost:9097
connection=keep-alive
sec-ch-ua="Google Chrome";v="107", "Chromium";v="107", "Not=A?Brand";v="24"
sec-ch-ua-mobile=?0
sec-ch-ua-platform="Windows"
upgrade-insecure-requests=1
user-agent=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36
accept=text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site=none
sec-fetch-mode=navigate
sec-fetch-user=?1
sec-fetch-dest=document
accept-encoding=gzip, deflate, br
accept-language=en-US,en;q=0.9
============== Response headers===============
Content-Disposition=attachment;filename="24371676.txt"
Accept-Ranges=bytes
ETag=24371676.txt_43371681_1667802564570
Last-Modified=Mon, 07 Nov 2022 06:29:24 GMT
Expires=Tue, 22 Nov 2022 12:16:13 GMT
Content-Encoding=gzip
Content-Range=bytes 0-43371680/43371681
Range request(resume after interrupted download) request/response header
============== Request headers===============
host=localhost:9097
connection=keep-alive
range=bytes=10373334-
if-range=24371676.txt_43371681_1667802564570
accept-encoding=identity
sec-fetch-site=none
sec-fetch-mode=navigate
sec-fetch-dest=empty
user-agent=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36
accept-language=en-US,en;q=0.9
============== Response headers===============
Content-Disposition=attachment;filename="24371676.txt"
Accept-Ranges=bytes
ETag=24371676.txt_43371681_1667802564570
Last-Modified=Mon, 07 Nov 2022 06:29:24 GMT
Expires=Tue, 22 Nov 2022 12:17:34 GMT
Content-Range=bytes 10373334-43371680/43371681
Is there any configuration or header needs to be added So, I can get request header accept-encoding=gzip, deflate, br and I can supply gzip response in chrome.
Edit: I have also refer: Issue making range requests in some browsers and seems like there is specification is changed
I got a problem which I dont understand.
I try to post data to my API in a form using the following code
formSubmit() {
const req =this.http.post('http://[ip]/api/login', {
id: '7',
username: 'PostTest',
password: 'studp123lan',
matrikelnr: 'winf303666',
email: 'winf303666#example.de',
email_verified: '1'
})
.subscribe(
res => {
console.log(res);
},
err => {
console.log("Error occured");
}
When I inspect it in the Chrome Developter tools, this is what I get:
Failed to load http://[ip]/api/login: Response for preflight has
invalid HTTP status code 404
register.component.ts:42 Error occured
And this is what I get in the network tab:
General:
Request URL:http://[ip]/api/login
Request Method:OPTIONS
Status Code:404 Not Found
Remote Address:[ip]:80
Referrer Policy:no-referrer-when-downgrade
Response Header:
Access-Control-Allow-Headers:Content-Type
Access-Control-Allow-Methods:GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin:*
Content-Length:0
Date:Thu, 21 Dec 2017 09:00:35 GMT
Server:Kestrel
X-Powered-By:ASP.NET
Request Header:
Accept:*/*
Accept-Encoding:gzip, deflate
Accept-Language:de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7
Access-Control-Request-Headers:content-type
Access-Control-Request-Method:POST
Connection:keep-alive
Host:[ip]
Origin:http://localhost:4200
User-Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/63.0.3239.108 Safari/537.36
Somehow, this doesn't work. But when I Post the same data via Postman Post Request to the same URL, it works like a charm.
Can anyone explain and help?
Thanks.
404 is a page not found error : this means your endpoint isn't available at this address.
Sure, you make a postman call and it works : but did you create your postman call by hand, or used the interceptor to make it ? (The interceptor is a Chomr plugin that allows you to register all calls made by Chrome, into postman).
There must be something you have forgotten. Could you post your postman call, and if you can, try with the interceptor ?
I have runing bitcoind on ubuntu. bitcoin-cli works fine. I can not get working json rpc protocol
bitcoin.conf file:
testnet=0
rpcuser="bitcoinrpc"
rpcpassword="xxxxx"
rpcport=8332
rpcallowip="*"
server=1
http post request with url='http://bitcoinrpc:xxxxx#127.0.0.1:8332/' fails with 401 error.
request headers:
Accept:*/*
Accept-Encoding:gzip, deflate
Accept-Language:en-US,en;q=0.8,ru;q=0.6,de;q=0.4,sr;q=0.2
Authorization:Basic Yml0Y29pbnJwYzp4eHh4eA==
Cache-Control:no-cache
Connection:keep-alive
Content-Length:53
Content-Type:text/plain
DNT:1
Host:127.0.0.1:8332
Origin:chrome-extension://fhjcajmcbmldlhcimfajhfbgofnpcjmb
Pragma:no-cache
User-Agent:Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/51.0.2704.79 Chrome/51.0.2704.79 Safari/537.36
request post payload:
{jsonrpc: "2.0", method: "getinfo", params: []}
What is correct way for bitcoind json rpc autentification?
For future googlers: a possible problem is that the password should not contain the pound sign (#) as this is treated as a comment!
I have one api server backed with Zend Framework 2 with ZfrCors module to enable Cross-Origin Resource Sharing.
The server side zfrcors config::
<?php
/**
* This is the config file for ZfrCors. Just drop this file into your config/autoload folder (don't
* forget to remove the .dist extension from the file), and configure it as you want
*/
return array(
'zfr_cors' => array(
/**
* Set the list of allowed origins domain with protocol.
*/
'allowed_origins' => array('http://client.server'),
/**
* Set the list of HTTP verbs.
*/
'allowed_methods' => array('GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'),
/**
* Set the list of headers. This is returned in the preflight request to indicate
* which HTTP headers can be used when making the actual request
*/
'allowed_headers' => array('Authorization', 'Access-Control-Allow-Origin', 'content-Type', 'application/x-www-form-urlencoded', 'application/json', 'text/javascript', 'text/html'),
/**
* Set the max age of the preflight request in seconds. A non-zero max age means
* that the preflight will be cached during this amount of time
*/
'max_age' => 3600,
/**
* Set the list of exposed headers. This is a whitelist that authorize the browser
* to access to some headers using the getResponseHeader() JavaScript method. Please
* note that this feature is buggy and some browsers do not implement it correctly
*/
// 'exposed_headers' => array(),
/**
* Standard CORS requests do not send or set any cookies by default. For this to work,
* the client must set the XMLHttpRequest's "withCredentials" property to "true". For
* this to work, you must set this option to true so that the server can serve
* the proper response header.
*/
'allowed_credentials' => true,
),
);
While on login in the client side(My client side application is ember.js), it sends request to the api.server domain (localhost) . But in firefox after preflight request nothing happens. It just gives me 200 OK status message and sits there. However if I run the client application in Chrome, it does gets passed from preflight stage to actual request that was made.
This is my Firefox inspect element result while sending a post credentials to another domain :
Access-Control-Allow-Cred... true
Access-Control-Allow-Head... Authorization, Access-Control-Allow-Origin, Content-Type, application/x-www-form-urlencoded
Access-Control-Allow-Meth... GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Orig... http://client.server
Access-Control-Max-Age 0
Connection Keep-Alive
Content-Encoding gzip
Content-Length 20
Content-Type text/html
Date Tue, 04 Mar 2014 08:38:29 GMT
Keep-Alive timeout=5, max=100
Server Apache/2.2.22 (Ubuntu)
Vary Accept-Encoding
X-Powered-By PHP/5.4.9-4ubuntu2.4
Request Headersview source
Accept text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding gzip, deflate
Accept-Language en-US,en;q=0.5
Access-Control-Request-He... content-type
Access-Control-Request-Me... POST
Cache-Control no-cache
Connection keep-alive
DNT 1
Host api.server
Origin http://client.server
Pragma no-cache
User-Agent Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:27.0) Gecko/20100101 Firefox/27.0
The same request done in Chrome:
Preflight Stage:
Request URL:http://api.server/login
Request Method:OPTIONS
Status Code:200 OK
Request Headersview source
Accept:*/*
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Access-Control-Request-Headers:accept, content-type
Access-Control-Request-Method:POST
Connection:keep-alive
Host:api.server
Origin:http://client.server
Referer:http://client.server/signin
User-Agent:Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.117 Safari/537.36
Response Headersview source
Access-Control-Allow-Credentials:true
Access-Control-Allow-Headers:Authorization, Access-Control-Allow-Origin, Content-Type, application/x-www-form-urlencoded
Access-Control-Allow-Methods:GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin:http://client.server
Access-Control-Max-Age:0
Connection:Keep-Alive
Content-Encoding:gzip
Content-Length:20
Content-Type:text/html
Date:Mon, 03 Mar 2014 07:18:41 GMT
Keep-Alive:timeout=5, max=100
Server:Apache/2.2.22 (Ubuntu)
Vary:Accept-Encoding
X-Powered-By:PHP/5.4.9-4ubuntu2.4
The actual post request Headers:
Request URL:http://api.server/login
Request Method:POST
Status Code:200 OK
Request Headersview source
Accept:application/json, text/javascript, */*; q=0.01
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Connection:keep-alive
Content-Length:55
Content-Type:application/json; charset=UTF-8
Host:54.254.23.183
Origin:http://client.server
Referer:http://client.server/signin
User-Agent:Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.117 Safari/537.36
Request Payloadview source
{identity:pbehera, password:123, remember:true}
identity: "pbehera"
password: "123"
remember: true
Response Headersview source
Access-Control-Allow-Credentials:true
Access-Control-Allow-Origin:http://client.server
Access-Control-Expose-Headers:
Connection:Keep-Alive
Content-Length:31
Content-Type:application/json; charset=utf-8
Date:Mon, 03 Mar 2014 07:18:42 GMT
Keep-Alive:timeout=5, max=99
Server:Apache/2.2.22 (Ubuntu)
Vary:Origin
X-Powered-By:PHP/5.4.9-4ubuntu2.4
What I am doing wrong ? Also same case with Opera as Firefox.
The header field Access-Control-Allow-Origin: differs between Firefox and Chrome. The URL specified by this field must match the domain (host + port) of the page that the javascript is running on, since you specified that you are sending credentials. This is probably not the case for the Firefox request for some reason.
My attempt is to extract a table from this website.
The web is in Chinese, but basically, you can type your log-in details within those boxes lying above the big blue button in the middle of the web page. After logged-in, the table will appear in the middle of the page. NOTE: in /articlenew.html, only USERNAME and PASSWORD are required for log-in. Nothing else.
After authentication, the headers of the webs are shown as below:
Request URL:http://www.sxcoal.com/user/login.aspx
Request Method:POST
Status Code:302 Found
Request Headersview source
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en,en-GB;q=0.8,zh;q=0.6,zh-CN;q=0.4
Connection:keep-alive
Content-Length:39
Content-Type:application/x-www-form-urlencoded
Cookie:the_cookies
Host:www.sxcoal.com
Origin:http://www.sxcoal.com
Referer:http://www.sxcoal.com/coal/3478186/articlenew.html
User-Agent:Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.101 Safari/537.36
Form Dataview sourceview URL encoded
username:myusername
password:mypassword
Response Headersview source
Cache-Control:private
Content-Length:167
Content-Type:text/html; charset=gb2312
Date:Thu, 14 Nov 2013 01:06:00 GMT
Location:http://www.sxcoal.com/coal/3478186/articlenew.html
Server:Microsoft-IIS/7.0
Set-Cookie:s_info=zhuhaiqinfa|15816; domain=sxcoal.com; path=/
X-AspNet-Version:2.0.50727
X-Powered-By:ASP.NET
I have tried to use the method shown by Gergely Daróczi. However, R couldn't log-in for some reasons. My guess is that /login.aspx (http:[DELETE]//www.[DELETE]sxcoal.[DELETE]com/user/login.[DELETE]aspx
)[sorry I haven't got enough 'reputation' to post more links.] nested in the /articlenew.html actually requires more things than just a username and a corresponding password. I put the headers of the /login.aspx at the end of the question.
Here is the code I used,
library(RCurl)
mycurl <- getCurlHandle()
agent <- "Mozilla/5.0"
curlSetOpt(cookiejar = "", followlocation = TRUE, useragent = agent, autoreferer = TRUE, curl = mycurl)
html <- getURL('http://www.sxcoal.com/user/login.aspx', curl = mycurl)
viewstate <- as.character(sub('.*id="__VIEWSTATE" value="([0-9a-zA-Z+/=]*).*', '\\1', html))
eventvalidation <- as.character(sub('.*id="__EVENTVALIDATION" value="([0-9a-zA-Z+/=]*).*', '\\1', html))
##checkcode <- ??????????????? ## can't define it as it changes
params <- list(
"txtuser" = "myusername",
"txtpass" = "mypassword",
"__VIEWSTATE" = viewstate,
"__EVENTVALIDATION" = eventvalidation,
"CheckCode" = checkcode,
"Button2" = ""
)
html <- postForm('http://www.sxcoal.com/user/login.aspx', .params = params, curl = mycurl)
The CheckCode is a validation code shown by a pic(http://www.sxcoal.com/CheckCode/CheckCode.aspx). Unlike the __VIEWSTATE and __EVENTVALIDATION, the CheckCode changes every time when you refresh the page.
And there is something every complicated as I don't know anything about website coding. It seems to me that the log-in details required by /login.aspx nested within /articlenew.html differ from those required by /login.aspx itself. Are there any methods that can fix the log-in details required by the web such that I don't need to deal with the validation code shown by a random picture? If not, can anyone know how I can take care of the validation picture?
Thanks in advance.
Request URL:http://www.sxcoal.com/user/login.aspx
Request Method:POST
Status Code:302 Found
Request Headersview source
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en,en-GB;q=0.8,zh;q=0.6,zh-CN;q=0.4
Connection:keep-alive
Content-Length:234
Content-Type:application/x-www-form-urlencoded
Cookie:the_cookies
Host:www.sxcoal.com
Origin:http://www.sxcoal.com
Referer:http://www.sxcoal.com/user/login.aspx
User-Agent:Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.101 Safari/537.36
Form Dataview sourceview URL encoded
__VIEWSTATE:whatever_it_is
txtuser:myusername
txtpass:mypassword
CheckCode:04854
Button2:
__EVENTVALIDATION:whatever_it_it_2
Response Headersview source
Cache-Control:private
Content-Length:170
Content-Type:text/html; charset=gb2312
Date:Thu, 14 Nov 2013 01:09:57 GMT
Location:http://www.sxcoal.com/?aspxerrorpath=/user/login.aspx
Server:Microsoft-IIS/7.0
X-AspNet-Version:2.0.50727
X-Powered-By:ASP.NET