In my hapijs app, given a Request object, how can I find the original, unparsed, unmodified URL?
function getRequestUrl (request) {
return ...; // What goes here?
}
I've found that I can piece it together somewhat from Request.info.host, Request.path, and Request.query, but it lacks the scheme (ie, http vs https), and is a bit of a kludge. Isn't the plain URL available somewhere?
The full URL isn't stored somewhere you can get it. You need to build it yourself from the parts:
const url = request.connection.info.protocol
+ '://'
+ request.info.host
+ request.url.path;
Even though it might seem kludgey, it makes sense if you think about it because there is no original, unparsed, unmodified URL. The HTTP request that goes over the wire doesn't contain the URL as typed into the browser address bar for instance:
GET /hello?a=1&b=2 HTTP/1.1 // request.url.path
Host: localhost:4000 // request.info.host
Connection: keep-alive
Accept-Encoding: gzip, deflate, sdch
...
And you only know the protocol based on whether the hapi server connection is in TLS mode or not (request.connection.info.protocol).
Things to be aware of
If you check either:
request.connection.info.uri or request.server.info.uri
the reported hostname will be the hostname of the actual machine that the server is running on (the output of hostname on *nix). If you want the actual host the person typed in the browser (which might be different) you need to check request.info.host which is parsed from the HTTP request's Host header)
Proxies and X-Forwarded-Proto header
If your request got passed through a proxy(ies)/load balancers/HTTPS terminators, it's possible somewhere along the line HTTPS traffic got terminated and was sent to your server on an HTTP connection, in this case you'll want use the value of the x-forwarded-proto header if it's there:
const url = (request.headers['x-forwarded-proto'] || request.connection.info.protocol)
+ '://'
+ request.info.host
+ request.url.path;
With template strings:
const url = `${request.headers['x-forwarded-proto'] || request.connection.info.protocol}://${request.info.host}${request.url.path}`;
hapi-url solves this exact problem. It is prepared to work with X-Forwarded headers to run behind a proxy. There is also an option to override the automatic resolution if the library is not able to resolve the URL correctly.
I use the following syntax now (using coffee script):
server.on 'response', (data) ->
raw = data.raw.req
url = "#{data.connection.info.protocol}://#{raw.headers.host}#{raw.url}"
console.log "Access to #{url}"
Or as javascript:
​server.on('response', function(data) {
var raw = data.raw.req;
var url = data.connection.info.protocol + "://" +
raw.headers.host + raw.url;
console.log("Access to " + url);
});
That gives you the exact URL like the user requested it.
You can't get the URL. You have to generate it. I'm using this one:
const url = request.headers['x-forwarded-proto'] + '://' +
request.headers.host +
request.url.path;
nowadays there is simply request.url:
https://hapi.dev/api?v=20.2.0#-requesturl
Related
I cannot make post request (get works fine) with espruino.
I've already checked the documentation and it seems pretty equal
here is my code:
let json = JSON.stringify({v:"1"});
let options = {
host: 'https://******,
protocol: 'https',
path: '/api/post/*****',
method: 'POST',
headers:{
"Content-Type":"application/json",
"Content-Length":json.length
}
};
let post = require("http").request(options, function(res){
res.on('data', function(data){
console.log('data: ' + data);
});
res.on('close', function(data){
console.log('Connection closed');
});
});
post.end(json);
The espruino console only return the 'connection closed' console.log.
The node.js server console (hosted on heroku and tested with postman) dont return anything.
Obv the esp8266 is connected to the network
What you're doing looks fine (an HTTP Post example is here), however Espruino doesn't support HTTPS on ESP8266 at the moment (there isn't enough memory on the chips for JS and HTTPS).
So Espruino will be ignoring the https in the URL and going via HTTP. It's possible that your server supports HTTP GET requests, but POST requests have to be made via HTTPS which is why it's not working?
If you did need to use HTTPS with Espruino then there's always the official Espruino WiFi boards, or I believe ESP32 supports it fine too.
you're using a package called "http" and then trying to send a request over https. You should also log out 'data' in the res.close so you can get some errors to work with.
I programmed my ESP8266 to read the soil moisture. Depending on the moisture a water pump gets activated. Now I wanted the ESP to tweet different sentences, depending on the situation.
Therefore I connected my twitter account to thingspeak.com and followed this code
Connecting to the internet works fine.
Problems:
It does not tweet every time and if it tweets, only the first word from a sentence shows up at twitter.
According to the forum, where I found the code, I already tried to replace all the spaces between the words with "%20". However then nothing shows up at twitter at all. Also single words are not always posted to twitter.
This is the code I have problems with:
// if connection to thingspeak.com is successful, send your tweet!
if (client.connect("184.106.153.149", 80))
{
client.print("GET /apps/thingtweet/1/statuses/update?key=" + API + "&status=" + tweet + " HTTP/1.1\r\n");
client.print("Host: api.thingspeak.com\r\n");
client.print("Accept: */*\r\n");
client.print("User-Agent: Mozilla/4.0 (compatible; esp8266 Lua; Windows NT 5.1)\r\n");
client.print("\r\n");
Serial.println("tweeted " + tweet);
}
I don't get any error messages.
Maybe you could help me to make it visible if the tweet was really sent and how I manage to tweet a whole sentence.
I am using the Arduino IDE version 1.8.9 and I am uploading to this board
The rest of the code works fine. The only problem is the tweeting.
Update
I now tried a few different things:
Checking server response
Works and helps a lot. The results are:
Single words as String don't get any response at all
Same for Strings like "Test%20Tweet"
Strings with multiple words like "Test Tweet" get the following response and the first word of the String shows up as a tweet
HTTP/1.1 200 OK
Server: nginx/1.7.5
Date: Wed, 19 Jun 2019 18:44:22 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1
Connection: keep-alive
Status: 200 OK
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS, DELETE, PATCH
Access-Control-Allow-Headers: origin, content-type, X-Requested-With
Access-Control-Max-Age: 1800
ETag: W/"RANDOM_CHARS"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: THE_ID
1
I think the Content-Length might be the problem?
But I don't know how to change it in this code.
Checking if the connection succeded
I implemented this into my code an it never shows up on the monitor. So I think i never have a problem with not connecting.
Use a hostname instead of IP address
I tried it and never got a bad request. On the other hand nothing shows up on twitter at all.
Check if your tweet variable contains any new-line characters (carriage return or line feed). For example, the following variable would cause problems
String tweet = "Tweet no. 1\r\n";
due to the new-line characters at the end. These characters will cause the first line of the HTTP request to be cut short. I.e., instead of
GET /apps/thingtweet/1/statuses/update?key=api_key&status=Tweet no. 1 HTTP/1.1\r\n
it would become
GET /apps/thingtweet/1/statuses/update?key=api_key&status=Tweet no. 1\r\n
and the server would reject it with a 400 (Bad request) error.
On the other hand
String tweet = "Tweet no. 1";
would be fine.
If your tweets may contain such characters, then try encoding them before passing them to client.print():
tweet.replace("\r", "%0D");
tweet.replace("\n", "%0A");
Use a hostname instead of IP address
According to https://uk.mathworks.com/help/thingspeak/writedata.html, the relevant hostname for the API you are using is api.thingspeak.com. Use that instead of the IP address. This is preferable because the IP address a hostname points to can change regularly. (The IP address you are using doesn't even seem to be correct - and may already be out of date.)
I.e., change
if (client.connect("184.106.153.149", 80)) {
to
if (client.connect("api.thingspeak.com", 80)) {
API endpoint
Are you sure you are using the correct API endpoint? According to the link above, it looks like the API endpoint you need is https://api.thingspeak.com/update.json - so you may need to change
client.print("GET /apps/thingtweet/1/statuses/update?key=" + API + "&status=" + tweet + " HTTP/1.1\r\n");
to
client.print("GET /update.json?api_key=" + API + "&status=" + tweet + " HTTP/1.1\r\n");
Check if the connection succeeded
Presently, your device sends the HTTP request if connects to the server successfully - but doesn't give any indication if the connection fails! So add an else block to handle that scenario and notify the user via the serial console.
if (client.connect("api.thingspeak.com", 80)) {
client.print("GET /apps/thingtweet/1/statuses/update?key=" + API + "&status=" + tweet + " HTTP/1.1\r\n");
// etc.
}
else {
Serial.println("Connection to the server failed!");
}
Checking server response
To check the response from the server, add the following block to your main loop - which will print the server response via the serial console.
delay(50);
while (client.available()) {
String response_line = client.readString();
Serial.println(response_line);
}
To clarify: that code should go inside your loop() function.
The response should include a status line - such as HTTP/1.1 200 OK if the request was successful, or HTTP/1.1 400 Bad Request if there was a problem.
In the case of a Bad request response, the full message will quite likely contain more information about the precise reason the request failed.
HTTP vs HTTPs
Lastly, are you sure that the API supports (plain, unencrypted) HTTP as well as HTTPs? If not, that may be your problem.
I have HTTPS server running on port 4443 and am using port forwarding to send 443 -> 4443 so in the browser you can't tell
In my OAuth settings when I use https://www.domain.com:4443/callback I get the response but in the popup it can't access the parent and I get this Chrome error
Blocked a frame with origin "https://www.domain.com:4443" from accessing a
frame with origin "https://www.domain.com". Protocols, domains, and ports must match.
When I change the url in the OAuth to 443 I get the beloved
`Invalid redirect_uri. This value must match a URL registered with the API Key.`
The only way I can think of is checking via javascript if the port is is the url, and if so to redirect to the url without the port.
Are there any more elegant solutions?
Since nobody has come up with an elegant solution, I thought I'd put my Javascript redirect answer.
What I did was, inside the window that accepts the redirect whose URL will look something like https://www.domain.com:4443/callback?aribtrary_data=1231252...etc... I wrap my callback code inside a try statement. If it fails, I redirect the current page to the same URL minus the port numbers.
Here's my Jade popup window solution which attempts to call the parent window upon finishing.
doctype html
html
head
title Authentication Popup
script.
var service = !{JSON.stringify(service)},
callback = 'on' + service.name + 'Auth';
window.onload = function () {
try {
window.opener[callback](service.error, service);
window.close();
} catch (e) {
window.location = window.location.href.replace(/(\.com)(:\d{3,4})?/, '$1');
}
}
body
| Closing in 1...
I'm trying to find out if a play 2 (with scala) app is running on http or https
I tried with routes.Application.index.absoluteURL(request), like this
def chatUri(username: String)(implicit request: RequestHeader): String = {
val uri = routes.Application.index.absoluteURL(request)
but I get the following error:
/home/sas/tmp/websocket-chat/app/controllers/Application.scala:51: overloaded method value absoluteURL with alternatives:
[error] (secure: Boolean)(implicit request: play.api.mvc.RequestHeader)java.lang.String <and>
[error] (play.mvc.Http.Request)java.lang.String
[error] cannot be applied to (play.api.mvc.RequestHeader)
[error] val rootUri = Uri(routes.Application.index.absoluteURL(request))
I tried to transform the RequestHeader into a Request, but I get the following error
val rootUri = Uri(routes.Application.index.absoluteURL(request.asInstanceOf[Request[Any]]))
(secure: Boolean)(implicit request: play.api.mvc.RequestHeader)java.lang.String <and>
[error] (play.mvc.Http.Request)java.lang.String
[error] cannot be applied to (play.api.mvc.Request[Any])
[error] val rootUri = Uri(routes.Application.index.absoluteURL(request.asInstanceOf[Request[Any]]))
Any idea how can I achieve it?
Must say I'm surprised about problems with getting absolute url in Scala, AFAIR in Java it works well, anyway... I doubt if it will help you to determine the protocol (edit: as #MariusSoutier wrote)
As there's no built-in support for SSL in Play 2 most probably you are using (or you should use) some HTTP server on front of your application, let's say Apache. There are some samples and posts describing the proccess:
Take a look at topic: How to config PlayFramework2 to support SSL? Nasir gives there a sample of configuring the Apache as a proxy for Play
There's also nice description of configuring Apache as a proxy (warning the posts describes the Play 1.x, however Apache part will be the same)
Finally you need to to set the proper headers which will be forwarded to your app
so after setting the headers (as showed in point 3) you'll be able to check it in your controller:
def index = Action { request =>
val proto = request.headers("X-FORWARDED-PROTO")
Ok("Got request [" + request + "] with schema: " + proto )
}
or the same in Java controller:
public static Result index() {
String proto = request().getHeader("X-FORWARDED-PROTO");
return ok("Got request [" + request() + "] with schema: " + proto);
}
First off, by creating an absolute URL, you cannot find out if the app is running on http or https - take a look at the method signature:
def absoluteURL (secure: Boolean = false)(implicit request: RequestHeader): String
That's right, you have to tell this method whether or not you want secure.
I think this is because Play was designed to working behind a reverse proxy which makes it transparent to use encrypted requests. That means Play shouldn't have to care about this. absoluteURL can only enforce https URLs, for example to make sure a login page uses https.
Depending on your reverse proxy, you can set a custom http header that tells you what is used. RequestHeader doesn't have the information.
I'm trying to send an XMLHttpRequest object to my Rails server but the headers are causing my function to stop. Here are my observations:
When I comment out the 3 lines of code that set the headers, then xhr.readyState will eventually equal 4 (alert boxes within the anonymous function fire off).
If any one of the 3 header lines are uncommented, then the xhr object never changes state (none of the alert boxes ever fire off).
function saveUserProfile(){
var user_email = $('#userEmail_box').val();
var xhr = new XMLHttpRequest();
xhr.onreadystatechange=function(){
if (xhr.readyState==4 && xhr.status==200)
{
alert("Yes: " + xhr.readyState);
}
alert("No: " + xhr.readyState);
}
var method = 'POST';
var params = 'userEmail=user_email';
var url = 'http://localhost:3000/xhr_requests.json';
var async = true;
//Need to send proper header information with POST request
xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
xhr.setRequestHeader('Content-length', params.length);
xhr.setRequestHeader('Connection', 'close');
xhr.open(method, url, async);
xhr.send(params);
}
My three questions are:
What do I need to change in the code above in order to send data through the POST method?
I'm under the impression that the POST method requires some headers to be sent but am not clear about which ones though "xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');" seems to be one that is often mentioned in references. Can somebody help me understand a) why headers need to be sent and b) which ones need to be sent?
I'm using a rails server and am developing locally. Ultimately, this code will be executed on the client side of a mobile device which will go to a hosted rails server for passing and receiving data. Are there limitations with using the POST method with a rails server? Keep in mind that I plan to use JSON when sending information to the client from the server.
Thanks!
UPDATE: The headers should come AFTER the opening the xhr request but BEFORE sending it:
xhr.open(method, url, async);
xhr.setRequestHeader('Content-type', 'application/x-www-form-urlencoded');
xhr.setRequestHeader('Content-length', params.length);
xhr.setRequestHeader('Connection', 'close');
xhr.send(params);
Hope this post saves somebody else 4 hours.
Does your web page with the JavaScript code also live on localhost:3000? If not, this is considered a cross-domain request, and your server will need to return special headers. So you have two options:
1) Host the web page on the same domain as the server, which will make this a same-domain request.
2) Have your server return the appropriate CORS headers. You can learn more about CORS here: http://www.html5rocks.com/en/tutorials/cors/