I'm injecting a Elm feature to an existing page written by PHP.
The data responded from server for an item has url : "this-is-detail-link.html" and I need to get the host name to concat with the url.
For example:
case Msg of
GoToDetailPage item ->
let
hostname = getHostNameFromElm // <- how can I get this?
// expected: http://example.com/this-is-detail-link.html
fullUrl =
Url.Builder.crossOrigin hostname item.url []
cmd =
Browser.Navigation.load fullUrl
in
(model, cmd)
I am using Browser.element
main =
Browser.element
{ init = init
, view = view
, update = update
, subscriptions = subscriptions
}
Try to search but not what I expect. It requires to use Browser.application, not a part like this.
Any suggestion?
Thanks in advance!
I've seen that you already solved it, but remember that you can always use Javascript through ports.
Here is an example app using ports to get the origin, please not that because Ellie renders inside an iFrame, I couldn't get the hostname directly. You just need to change to window.location.hostname.
https://ellie-app.com/8ggN625V8T6a1
Related
Having the following variables:
remote web presented in cordova
local files that the remote web asks for with the following code:
var url = "https://cdvfile/localhost/" + localFolder + "/www/cordova.js";
var element = document.createElement('script');
element.id = "cordova";
element.type = "text/javascript";
element.onerror = function () {
//error
}
element.onload = function () {
//success - code to be executed upon success
}
element.src = url;
document.body.appendChild(el);
This fails in WKWebView with the obvious error
[Error] Failed to load resource: A server with the specified hostname
could not be found. (cordova.js, line 0)
As you know, WKUrlSchemeHandler doesn't intercept http/https requests. An alternative is to use the dangerous [NSURLProtocol wk_registerScheme:#"https"]; private API trick (and it works but then it somehow screws up the request to load the page that includes the code above (doesn't add some cookies and some weird behavior).
I do have another alternative to inject via [userContentController addUserScript:script] but this requires modifying the remote web part in order to execute the code that follows the success of the script injection request.
I know it was previously possible to do all this with cdvfile:// in UIWebView but I am looking for a way to do all this WITHOUT modifying the remote (meaning, the url has to stay as you see it above. I've racked my brains for a few months now with this but can't come up with a solution. Please don't ask why I'm doing this or say that this is stupid etc, I have no choice, it's what I gotta do and it doesn't depend on me.
Please send help, thoughts, prayers etc
Thanks
I am using Sitecore GeoIp service to get the user country. When I am loading the page first time it is returing country = "N/A". But when I reload the page, it returns the correct country.
I am using following code to get the country.
var ipAddress = x.x.x.x;
var geoIpOptions = new GeoIpOptions
{
Ip = ipAddress,
MillisecondsTimeout = 1000,
Id = GeoIpManager.IpHashProvider.ComputeGuid(ipaddress)
};
var geoIpResult = GeoIpManager.GetGeoIpData(geoIpOptions);
string country = geoIpResult.GeoIpData.Country;
Please let me know if I am missing something to get the correct country on first load itself.
Thanks,
Alok...
Sitecore does not wait until the information has been obtained from the GeoIP service in case the response takes a long time. In order to force it to wait on the first request, you can install one of the packages mentioned in this kb article: https://kb.sitecore.net/articles/320734
I have tested this in a production implementation and it works well.
My question can look stupid but I need to get in touch and get a decision. I want to pass parameters to url without the parameters being seen in the url. this is to secure my server. Because the url looks like this
controller/edit/123
and the '123' is the user ID in the database.
I can simple do this
public function action_edit($id) {
get_db_info($id);
}
Is it possible to hide the parameter while redirecting to this url from a view? ie in the view file
// Do something to set the ID
<?php Kohana_Request::post("user_id", $id); ?>
Click
and get the ID like this
public function action_edit() {
$id = $this->request->post("user_id");
get_db_info($id);
}
But the problem I can't access the KOhana_Request instance and get this error
*Non-static method Kohana_Request::post() should not be called statically*
Can someone gives a secured approach to this ?
I think I found a solution by encoding and decoding the parameters.
Since Kohana 3.3 do not allow parameters in controller functions see .
I do this in my view
$user_id = Encrypt::instance()->encode($liste->user_id);
$encode_id = base64_encode($user_id);
$encode_ure_id = urlencode($encode_id);
And from the controller,
$encoded_id = urldecode($this->request->param('uri_id'));
$encode_base_url = base64_decode($encoded_id);
$user_id = Encrypt::instance()->decode($encode_base_url);
If this can help others.
I know how to generate a user key using the pastebin API, but how can I use this userkey to access a raw private paste?
I am using Lua for this.
Obtaining the raw paste bin output is not part of of the Pastebin API:
This option is actually not part of our API, but you might still want to use it. To get the RAW output of a paste you can use our RAW data output URL:
http://pastebin.com/raw.php?i=
Simply add the paste_key at the end of that URL and you will get the RAW output.
Since private pastes can only be seen by the user who created them, my guess is that they use the logincookie for authentication. In that case, you'll need to send it with the HTTP request.
In respect to implementing this in Lua, (since you haven't said which library you're using) I'm gonna go forth and recommend the HTTP module in LuaSocket or the wonderful Luvit (http://luvit.io).
Here is a ready example of the code for you:
local https = require('ssl.https')
https.TIMEOUT= 15
local private_raw_url="https://pastebin.com/raw/YOURPAGE" -- Change raw link
local user_name, user_password = "USER", "PASS" -- and user with password
local request_body = "submit_hidden=submit_hidden&user_name=".. user_name .. "&user_password=" .. user_password .. "&submit=Login"
local resp = {}
local res, code, headers, status = https.request ( {
method = 'POST',
url = "https://pastebin.com/login",
headers = {
Host = "pastebin.com",
["Content-Type"] = "application/x-www-form-urlencoded",
["Content-Length"] = string.len(request_body),
Connection = "keep-alive",
},
source = ltn12.source.string(request_body),
sink = ltn12.sink.table(resp),
protocol = "tlsv1",
verify = "none",
verifyext = {"lsec_continue", "lsec_ignore_purpose"},
options = { "all", "no_sslv2", "no_sslv3" }
} )
if not headers['set-cookie']:find('pastebin_user') then
print('bad login')
return
end
resp={}
local cookie = headers['set-cookie'] or ''
local cookie1, cookie2, cookie3 = cookie:match("(__cfduid=%w+; ).*(PHPSESSID=%w+; ).*(pastebin_user=%w+; )" )
if cookie1 and cookie2 and cookie3 then
cookie = cookie1 .. cookie2 .. cookie3
body, code, headers= https.request{
url = private_raw_url ,
headers = {
--Host = "pastebin.com",
['Cookie'] = cookie,
['Connection'] = 'keep-alive'
},
sink = ltn12.sink.table(resp)
}
if code~=200 then return end
print( table.concat(resp) )
else
print("error match cookies!" )
end
I know that this is a little late to answer the question but I hope this will help someone later on.
If you want to access raw private pastes, you will first need to list the pastes that the user has created. This is a part of the API. This requires the user to be logged in.
With this API you can list all the pastes created by a certain user.
You will need send a valid POST request to the URL below to access the
data:
http://pastebin.com/api/api_post.php
The response that you will get will be an XML response, as follows:
<paste>
<paste_key>0b42rwhf</paste_key>
<paste_date>1297953260</paste_date>
<paste_title>javascript test</paste_title>
<paste_size>15</paste_size>
<paste_expire_date>1297956860</paste_expire_date>
<paste_private>0</paste_private>
<paste_format_long>JavaScript</paste_format_long>
<paste_format_short>javascript</paste_format_short>
<paste_url>http://pastebin.com/0b42rwhf</paste_url>
<paste_hits>15</paste_hits>
</paste>
Once you have that, parse the XML to get the paste_key and the paste_private. You need to check the value of paste_private because you want private pastes only. The documentation says:
We have 3 valid values available which you can use with the
'api_paste_private' parameter:
0 = Public
1 = Unlisted
2 = Private (only allowed in combination with api_user_key, as you have to be logged into your account to access the paste)
So, if your paste has paste_private set to 2, get the paste_key for it.
Once you have the paste_key, use the API call to get the RAW paste. No username or password required once you have the paste key for the private paste.
Have fun!
I am trying to create and iOS app that takes a users credentials and verifies it with the AD server. Is there some built in library in xCode to do that, or is it third party?
Any advice on direction to look would be greatly appreciated.
Thanks
Zach
Ok, so this was the PHP i used to make the connection to the ldap server. i am not 100% sure what is happening here, i got this code from IT Coordinator at my company. I understand all the binding and searching parts, but i dont get the the ldap_set_option part of this whole thing. Anyway after setting it up this way, you can then call the URL of the php script and pass it parameters. take a look at the PHP, and the url example with be below.
<?php
//Connection parameters
$dn = "DC=network,DC=net";
$host = "ldap://ldap.network.com";
$port = 1111
$user = $_GET['user'];
$pass = $_GET['pass'];
//$user = "user#network.net";
//$pass = "pass";
$filter = "memberof";
$keyword = "CN=USSC_ALL,CN=Users,DC=network,DC=net";
$filter = "objectclass";
$keyword = "user";
$filter = "objectcategory";
$keyword = "CN=Person,CN=Schema,CN=Configuration,DC=network,DC=net";
//The real thing with PHP
if (!empty($keyword) and !empty($dn)) {
//Connect to the AD
$adConn = ldap_connect($host, $port) or die("Could not connect!");
//Set protocol verison
ldap_set_option($adConn, LDAP_OPT_PROTOCOL_VERSION, 3) or die ("Could not set ldap protocol1");
//Set referrals... Won't work without this...
ldap_set_option($adConn, LDAP_OPT_REFERRALS, 0) or die ("Could not set ldap protocol2");
//Bind the user
$bd = ldap_bind($adConn, $user, $pass) or die ("Could not bind");
echo $bd;
//End binding
ldap_unbind($adConn);
} else {
echo "<p>No results found!</p>";
}
?>
</body>
</html>
Ok so now all you have to do is pass a username and password to the script and it will return the bind. that will give you either true or false. meaning if it bound successfully it is a correct combination of username and password.
this is how i am calling it:
http://192.268.192.1/ldap.php?user=(username here)&pass=(password here)
This is the approach that i took, and i think it is a very simple answer.
So what I have been able to find out is that i need to use PHP to do this. By creating a php file on the server, i can use built in ldap protocol to take a user name and password to the ldap server for verification. The query should then return true or false. As soon as i get this working ill post my code