Hello I want to make a request to a xml file for a value I want on Code by Zapier, but I get the error XMLHttpRequest is not defined. I also tried var XMLHttpRequest = require("xmlhttprequest").XMLHttpRequest; but it says Error: Cannot find module 'xmlhttprequest'.
While the XMLHttpRequest is available in most browsers, it is not distributed in Node, which is what the Code action is using. Specifically, the Javascript code action is running a Node v10.x.x environment. You can see all of the commands and methods supported by that environment here:
https://node.green/
The JS environment does support the Fetch library for making requests. Perhaps you can look into making this work?
https://github.com/node-fetch/node-fetch
Related
I'm following this tutorial to create a simple web app with a Microsoft 365 login. I'm currently getting this error when debugging locally (http://localhost:8080):
Warning:
mgt-loader.js:61 A parser-blocking, cross site (i.e. different eTLD+1) script, https://unpkg.com/#microsoft/mgt/dist/bundle/wc/webcomponents-loader.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
In Azure, I have the Redirect URIs set up to match (http://localhost:8080).
After some googling, I tried adding async, but then I get this warning and the login button doesn't appear:
mgt-loader.js:61 Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
What would be causing this warning and how can I fix it?
First, check out how document.write works: https://developer.mozilla.org/en-US/docs/Web/API/Document/write
You will understand why you cannot run document.write in asynchronous context (try running document.write('Hello world!'); in console on any page).
Warning tells you that a parser blocking (synchronous), cross site (not coming from the same domain as website) scripts can be blocked by Chrome in the future if someone has unstable or bad internet connection.
If you want it to run synchronously without that warning, you have to bundle that JS code with your own, or just serve it from your own origin, same as your website (e.g. localhost:8080). You can download #microsoft/mgt npm package and for bundling - use gulp, webpack or other tool of your choice.
https://unpkg.com/#microsoft/mgt#2.4.0/dist/bundle/wc/webcomponents-loader.js
This script tries to differentiate between async and sync contexts (line 175) and run document.appendChild (instead of write) for async context - but for some reason the check fails (readyState === loading).
https://developer.mozilla.org/en-US/docs/Web/API/Document/readyState
How to check if an Javascript script has been loaded Asynchronously (Async) or async attribute is present?
If you want to run this in non-blocking manner, you could try to fix the script by yourself.
There is a Github repo for that toolkit (https://www.npmjs.com/package/#microsoft/mgt), but there is no issue regarding async loading, nor regarding the warning that you have noticed - so maybe nobody else has noticed or thought about it yet.
you all might know that browsers do preflighted HTTP requests in some cases:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS#Preflighted_requests
My web application is still on Symfony1. I want to implement a RESTful service and therefore using Symfony routing to allow specific HTTP request methods like GET or POST (http://symfony.com/legacy/doc/reference/1_4/en/10-Routing#chapter_10_sub_sf_method).
Example:
login:
url: /v1/login
class: sfRequestRoute
param: { module: rest, action: login }
requirements:
sf_method: [post, put, delete]
#sf_method: [options] NOT WORKING
It seems to me that OPTIONS requests cannot be defined/handled as sf_method value. Because I couldn't find any information if my idea is right, I'm wondering if I'm right or maybe there is a solution I couldn't find, too.
Thanks in advance!
Sorry to revive this old question but I found a solution. I ran into the same issue and I added the request method OPTIONS to the allowed methods in lib/sfRequest.class.php and lib/sfWebRequest.class.php You can check the latest commit here to see the differences: 6ad018c
Since I cannot update the original Symfony1 GitHub repository, I created a copy with additional fixes needed due to the various PHP upgrades. This fixes the PHP deprecated warnings due to use of the /e modifier in preg_replace calls as well.
Note that this still doesn't make Symfony1 PHP7 compatible. I'm running this successfully with PHP 5.6.30
The repository is https://github.com/diem-project/symfony.git
Background: Diem uses Symfony1 (1.4.20), hence the GitHub organisation diem-project
I have code that looks something like this (_http is the angular Http object)
var httpFuture = _http.post('/api/items', {
'ids': JSON.encode(new List.from(nonLoadedIds))
});
httpFuture.catchError((e) {
Logger.root.severe('Unable to load items!', e);
});
It is making a post request to load a bunch of things. Potentially more ids than the http get header can handle.
The nice development experience would be if I could fire up the dart editor, mock up some fake response data, run my app, and see the data in the end. I would also accept being able to start up a separate web app and somehow proxy my post requests to that web app.
What I don't want to do is change my '/api/items' into something like 'http://localhost:8084/api/items' mostly because I don't want to have to remember to replace these before deploying (I know I'll forget) and while doable, I don't want to on my server implement CORS just to have to remember to disable it when I deploy to production.
But really, I would accept just about any workflow if it is recommended. I just would like to eliminate any manual code transformations pre production deploy.
The suggested attempt is to use a simple proxy server which forwards to pub serve.
See for example https://code.google.com/p/dart/issues/detail?id=18039
This issue contains the source code for a simple custom proxy server example https://code.google.com/p/dart/issues/detail?id=15731
see also
Dart: How to use different settings in debug and production mode?
How to achieve precompiler directive like functionality
Is there a compiler preprocessor in Dart?
I am going through the process of updating a Google Chrome extension from Manifest v1 to Manifest v2. I won't say that things have been going swimmingly, largely due to outdated documentation at Google's own Chrome Extensions website.
Here is the latest:
Google's documentation for using OAuth from within an extension tells me to include the following three files in my manifest:
chrome_ex_oauth.html
chrome_ex_oauth.js
chrome_ex_oauthsimple.js
The first of these files, chrome_ex_oauth.html, is basically the redirect page that is opened when an extension first uses OAuth to get an initial request token. In the updated version of this very spare webpage, the head section lists three javascript files to load: the two listed above, and one called:
onload.js
When chrome_ex_oauth.html is opened by my extension, I get no indication of errors beyond a failure to load the non-existent 'onload.js' file. Clearly, I am missing something here. The OAuth sequence never succeeds in completing, and indeed there is no indication that it is ever initiated.
Does anybody know what I'm doing wrong?
After posting this question, I compared the old and new versions of chrome_ex_oauth.html. I saw that in the former, while there was no mention of the onload.js script, there was the following in the head:
<script type="text/javascript">
function onLoad() {
ChromeExOAuth.initCallbackPage();
};
</script>
This function was called inline:
<body onload="onload();">
...
As of Manifest v2, it is my understanding that inline javascript is strictly prohibited, so this couldn't fly. A call to load onload.js was added to the document head instead. It looks as if a link to the actual file in Google's documentation was overlooked. It's easy enough to write, but here is what I put in onload.js:
window.onload = function() { ChromeExOAuth.initCallbackPage(); };
After that, the redirect worked just fine and I was able to complete the OAuth process.
Let me know if it doesn't work for you.
I am trying to create a chrome extension that calls my rails app's api. currently the api returns json and it works fine, however when I try to build it into a chrome extension, it says :
Refused to load script from 'http://mysite.com/demo?q=hello?callback=jQuery16409466155741829425_1342489669670&_=1342489677171' because of Content-Security-Policy.
I looked up the document http://code.google.com/chrome/extensions/contentSecurityPolicy.html and it sounds like I can't do this unless I implement my site into a https version. (under "Relaxing the default policy" section) I am not sure if I understood correctly and it feels ridiculous to make such a big change just because of this. Am I misunderstood? Or is there a workaround to this? Thank you.
In a Chrome extension, cross-site XMLHttpRequests are allowed, provided that you define the source in the manifest file - see http://code.google.com/chrome/extensions/xhr.html.
A JSONP implementation loads an external script using the <script> tag, and inserts it in the document. Unless the source is whitelisted through the "content_security_policy" entry, JSONP cannot be used when manifest version 2 is active (do not use manifest v1 to overcome this, because it's deprecated, and a suitable alternative already exist).
When you're unable to receive a JSON response instead of JSONP, use an ordinary request to fetch the data, cut off the callback, then parse it. Eg:
// response is the response from the server
// Received through `XMLHttpRequest`, jQuery.ajax, or whatever you used
// cuts of jQuery....( and the trailing )
response = response.replace(/^[^(]*\(/, '').replace(/\);?$/, '');
By default browsers do not allow this because of the same origin policy.
However you can get around this by making a jsonp request.
As you using jquery this super easy with getJSON method