Tag: post

Cookies missing on a xhr request on response header

Post author By Full Stack
Post date April 8, 2021
No Comments on Cookies missing on a xhr request on response header

So I have this php code on a.com/test.php <?php require_once ‘wp-blog-header.php’; // get WordPress core status_header(200); // WP way of saying the response it 200 (OK) // allow CORS ; header(‘Access-Control-Allow-Origin: http://b.com’); header(‘Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS’); header(‘Access-Control-Allow-Headers: Origin, Content-Type, X-Auth-Token’); header(‘Access-Control-Allow-Credentials: true’); // allow credentials print_r($_COOKIE); // show cookies die(); // bye […]

Tags 'PUT', {credentials: 'include'})).then(a=>a.text()).then(console.log) ; // make sure we're not getting a cached response. My problem is that access, //['Content-Type', but I am also logged in and there are a bunch more) but with the ajax call from b.com that is empty. What am I missing, DELETE, open devTools and paste in: fetch('http://a.com/test.php?cache='+Date.now(), OPTIONS'); header('Access-Control-Allow-Headers: Origin, PATCH, post, So I have this php code on a.com/test.php <?php require_once 'wp-blog-header.php'; // get WordPress core status_header(200); // WP way of, why can't the script on a.com see cookies on it's own domain? I am not trying to get cookies back to b.com . Main goal is to find out on b.co, X-Auth-Token'); header('Access-Control-Allow-Credentials: true'); // allow credentials print_r($_COOKIE); // show cookies die(); // bye An

Mastering Development

MS Graph SDK How to Add/Update a Schema Extension property to a User object

Post author By Full Stack
Post date April 1, 2021
No Comments on MS Graph SDK How to Add/Update a Schema Extension property to a User object

I’m having real trouble finding any code examples in how to add a Schema Extension value against a User in Azure AD. So far I have successfully created my own schema extension, marked as ‘User’ TargetType, and updated the status as ‘Available’. This was all achieved through the MS Graph SDK Below is a screenshot […]

Tags _scopeFactory); } catch (ServiceException ex) { // Graph service exception friendly message var errorMessage = ex.Error.Message;, _scopeFactory); ModelState.AddModelError(string.Empty, "{\"name\":\"Template1\"}"} }; try { await graphClient.Users .Request() .AddAsync(user); LogData = "New U, "\n Passwords do not match!"); return Page(); } else { user.PasswordProfile = new PasswordProfile {, "device", }; } } user.AccountEnabled = AccountEnabled; user.JobTitle = TenantUser.JobTitle; user.Department = TenantUser.Department; user.Employee, $"User with Id = {currentUser.Id}", and updated the status as 'Available'. This was all achieved through the MS Graph SDK Below is a screenshot showing the extension I created, and user resource types as well. You can carry out operations similar to the request examples in this article on any of those resources. Can, as well as using a filtered search for all users in my tenant that have a certain value set in their profile for this particular extension?, created: "", currentUser.Forename, currentUser.id);, currentUser.Surname, currentUser.Username, errorMessage + " Error creating the User.\n Please check the system logs for details"); return Page(); }, Event}, I have implemented his code example in adding the schema extension as "AdditionalData" when creating a new user. I havent managed to get this, I'm having real trouble finding any code examples in how to add a Schema Extension value against a User in Azure AD. So far I have successfu, just a single property exists called 'name' that is set to a type string. I now want to perform the following functions: Create a new user, logData, marked as 'User' TargetType, message, MS say the following: Note: This topic shows you how to create and read schema extension values on a group resource (steps 3-5). The same met, NOT the SDK which I am using in my app. In addition their only example given is adding a schema extension when creating a new Group. https:/, null, object>() { {"ext7bxc3e0l_appRoleTemplate", Organization, post, User>();, UserFullName, users

Mastering Development

Code efficiency/performance improvement in Pushshift Reddit web scraping loop

Post author By Full Stack
Post date March 28, 2021
No Comments on Code efficiency/performance improvement in Pushshift Reddit web scraping loop

I am extracting Reddit data via the Pushshift API. More precisely, I am interested in comments and posts (submissions) in subreddit X with search word Y, made from now until datetime Z (e.g. all comments mentioning "GME" in subreddit /rwallstreetbets). All these parameters can be specified. So far, I got it working with the following […]

Tags 'body': 'comment'}, 'score']]) # Convert UNIX to datetime df_comments["date"] = pd.to_datetime(df_comments["date"], 'score']]) elif object_type == "submission": df2.rename(columns={'created_utc': 'date', 'selftext': 'post'}, "score"]) elif object_type == "submission": global df_posts df_posts = pd.DataFrame(columns=["date", "score"]) print(f"\nLooping through {object_type}s and append to dataframe...") count = 0 previous_epoch = int(start_time.t, comment}, filter_string)+str(previous_epoch) json_text = requests.get(new_url) time.sleep(1) # pushshift has a rate limit, I am extracting Reddit data via the Pushshift API. More precisely, I am interested in comments and posts (submissions) in subreddit X with search word Y, I do have some performance issues. Due to the fact that I paginate based on created_utc - 1 (and since I do not want to miss any comments/pos, I got it working with the following code: import pandas as pd import requests from datetime import datetime import traceback import time imp, if we send requests too fast it will start returning error messages try: json_data = json.loads(json_text.text) e, inplace=True) # Drop duplicates (see last comment on https://www.reddit.com/r/pushshift/comments/b7onr6/max_number_of_results_return, inplace=True) df_comments = df_comments.append(df2[['date', inplace=True) df_posts = df_posts.append(df2[['date', inplace=True) df_posts.dropna(subset=['post'], made from now until datetime Z (e.g. all comments mentioning "GME" in subreddit /rwallstreetbets). All these parameters can be specified. So, np.nan, or search word's history # or fill in all to download a specific users history from a specific subreddit mentioning a specific word filter_s, performance wise? Any input would be very much appreciated., post, subreddit's, the duplicates are added to the dataframe and only after the loop, the initial dataframe will contain duplicates (since there won't be 100 (=API limit) new comments/posts every new second). If I run the code, they are removed. Is there a way to make this more efficient? E.g. to check within the for loop whether the object already exists in the data, this will result in a huge dataframe which takes considerably long to process. As the code is right now, unit='s') # Drop blank rows (the case when posts only consists of an image) df_posts['post'].replace('', unit='s') df_posts["date"] = pd.to_datetime(df_posts["date"]

Mastering Development

Moodle Web Services How to add multiple files to assignment submissions

Post author By Full Stack
Post date March 25, 2021
No Comments on Moodle Web Services How to add multiple files to assignment submissions

So recently I worked with moodle web service and it’s kinda pain to work with due to the hard to understand documentation it self. So I want to save user submission and it is saved. But the problem is, the api will remove existing attachment (file(s)) and replace with new one. I am using the […]

Tags 'Accept' => 'application/json, 'Access-Control-Allow-Headers: Origin, 'PUT', "Access-Control-Allow-Method": 'GET, } var data = { assignmentid: 4, // convert json to multipart data: jsonToFormData(data) } await axios(conf) .then(r=>{ console.log(r) }) .catch(e=>{, //['Content-Type', Accept, also I am keep trying with insomnia to test the API var params = { wstoken:'MYTOKEN', DELETE, header: { 'Access-Control-Allow-Origin': '*', moodlewsrestformat:'json', OPTIONS, params = params, PATCH, plugindata[files_filemanager]:729767390 // id from core_files_upload } var conf = { method:'POST', plugindata[onlinetext_editor][format]:1, plugindata[onlinetext_editor][itemid]:2, plugindata[onlinetext_editor][text]:'Hello World', post, So recently I worked with moodle web service and it's kinda pain to work with due to the hard to understand documentation it self. So I want, the api will remove existing attachment (file(s)) and replace with new one. I am using the mod_assign_save_submission service. The documentat, url: 'https://MY.MOODLE/webservice/rest/server.php', wsfunction:'mod_assign_save_submission'

Mastering Development

CORS blocking post requests in javascript

Post author By Full Stack
Post date March 25, 2021
No Comments on CORS blocking post requests in javascript

im making an api using Javalin and trying to send data to it from javascript, however i get cors errors whenever i try to do so. i can recieve data just fine but not send data. Here is my error: Response to preflight request doesn’t pass access control check: It does not have HTTP ok […]

Tags 'BARNACLES': 'custom header value' }, 'body': JSON.stringify(ourCustomSuper) }) .then( function(daResponse){ console.log(daResp, 'PUT', "*"); context.header("Access-Control-Allow-Methods: GET, "bounty": 0 } fetch(`http://localhost:8000/api`, "superpower": "person atmosphere", { method: 'POST', //['Content-Type', context ->{ context.header("Access-Control-Allow-Origin", DELETE, headers: { "Content-Type": "application/json" }, however i get cors errors whenever i try to do so. i can recieve data just fine but not send data. Here is my error: Response to preflight re, im making an api using Javalin and trying to send data to it from javascript, OPTIONS"); context.header("Access-Control-Allow-Headers: Origin, PATCH, post, X-Auth-Token"); System.out.println("The endpoint method has fired"); context.result("endpoint handler has fired"); co

Mastering Development

AWS S3 getSignedUrl() returns a 403 Forbidden Error

Post author By Full Stack
Post date March 20, 2021
No Comments on AWS S3 getSignedUrl() returns a 403 Forbidden Error

I’m trying to get a pre-signed URL from s3.getSignedUrl, so I could directly upload a file/image from the client react side. I get a URL but whenever I open that link or if I try to make put a request on that URL from the client, I always get a 403 forbidden error. I’m not […]

Tags 'allowedHeaders' => ['*'], 'allowedOrigins' => ['*'], "Action": [ "s3:GetObject", "AllowedMethods": [ "GET" ], "AllowedMethods": [ "PUT", "AllowedOrigins": [ "https://ticketing.dev" ], "contentType" : "image/jpeg" }, "Effect": "Allow", "ExposeHeaders": [ "x-amz-server-side-encryption", "ExposeHeaders": [], "Id": "Policy1616259705897", "MaxAgeSeconds": 3000 }, "MaxAgeSeconds": 3000 } ] I'm unable to resolve this issue. Please bear with me, "Principal": "*", "Resource": "arn:aws:s3:::my-first-s3-bucket-1234567/*" } ] } // S3 CORS [ { "AllowedHeaders": [ "*", "s3:GetObjectAcl", "Statement": [ { "Sid": "Stmt1616259703206", "x-amz-id-2": "...", "x-amz-request-id", { Bucket: 'my-first-s3-bucket-1234567', }, }); const router = express.Router(); // this method is returning a url, async (req: Request, configured with the Key, DELETE, err, err }) ); } ); I get the object back having Key and Url property and if I open that URL or if I try to make a PUT request from the cli, etag, I always get a 403 forbidden error. I'm not doing this in serverless // code to get a presigned url const s3 = new AWS.S3({ accessKeyId: k, I get 403 Forbidden Error // Error <link type="text/css" rel="st, I'm not a good questioner. Thanks, I'm trying to get a pre-signed URL from s3.getSignedUrl, Key key, post, requireAuth, res: Response) => { // we want our key to be like this -- myUserId/12122113.jpeg -- where filename will be used as a random unique string, secretAccessKey: keys.SECRET_KEY, so I could directly upload a file/image from the client react side. I get a URL but whenever I open that link or if I try to make put a reque, url, url) => res.send({ key, we shared router.get( '/api/image-upload/get-url'

Mastering Development

How to solve Allow access origion problem

Post author By Full Stack
Post date March 7, 2021
No Comments on How to solve Allow access origion problem

i have tried to upload mern project on cpanel but always get cors problem I have use this function in express js but same problem occurred app.use(function (req, res, next) { res.header(‘Access-Control-Allow-Origin’, ‘*’); res.header(‘Access-Control-Allow-Headers’, ‘Origin , X-Requested-With, Content-Type, Accept , Authorization’); res.header(‘Access-Control-Allow-Methods’, ‘GET, POST, OPTIONS, PUT, PATCH, DELETE’); next(); }); Also tried to use cors […]

Tags 'GET, 'PUT', 'X-Requested-With'], "*"); res.header("Access-Control-Allow-Headers", //['Content-Type', Accept, Authorization"); res.header("Access-Control-Allow-Methods", DELETE'); next(); }); Also tried to use cors package but same error Express work on poet 5001 and react on port 4000 Any solution can tr, i have tried to upload mern project on cpanel but always get cors problem I have use this function in express js but same problem occurred a, next ) { res.header("Access-Control-Allow-Origin", OPTIONS, Origin, PATCH, post, res); }); }

Mastering Development System & Network

CVE-2021-26855 Explanation

Post author By Server Questions
Post date March 4, 2021
No Comments on CVE-2021-26855 Explanation

I patched on 3/3 This just looks like we were probed and not compromised, can some one please confirm? I’m not sure how to interpret this. Ran Test-Hafnium.ps1 Contents of CVE-2021-26855.log #TYPE Selected.System.Management.Automation.PSCustomObject "DateTime","AnchorMailbox" "2021-03-02T09:50:56.279Z","ServerInfo~a]@Exchange001.contoso.com:444/autodiscover/autodiscover.xml?#" edit: The scan found the following entry 2021-03-02T09:50:56.279Z,5f083d36-1b8a-489b-9bdc-e3859dea08f4,15,1,2106,2,,Ecp,207.207.49.16,/ecp/y.js,,FBA,false,,,ServerInfo~a]@Exchange001.contoso.com:444/autodiscover/autodiscover.xml?#,ExchangeServicesClient/0.0.0.0,157.230.221.198,EXCHANGE001,200,200,,POST,Proxy,exchange001.contoso.com,15.00.0001.000,IntraForest,X-BEResource-Cookie,,,,347,362,,,0,0,,0,,0,,0,0,,0,295,0,0,17,0,274,0,0,0,1,0,294,1,274,4,21,21,295,,,,BeginRequest=2021-03-02T09:50:55.983Z;CorrelationID=;ProxyState-Run=None;FEAuth=BEVersion-1941962753;NewConnection=::1&0;BeginGetRequestStream=2021-03-02T09:50:55.983Z;OnRequestStreamReady=2021-03-02T09:50:55.998Z;BeginGetResponse=2021-03-02T09:50:55.998Z;OnResponseReady=2021-03-02T09:50:56.279Z;EndGetResponse=2021-03-02T09:50:56.279Z;ProxyState-Complete=ProxyResponseData;SharedCacheGuard=0;EndRequest=2021-03-02T09:50:56.279Z;,,,,,,CafeV1 In the following file "\exchange001.contoso.com\C$\Program Files\Microsoft\Exchange Server\V15\Logging\HttpProxy\Ecp\HttpProxy_2021030209-1.LOG" I did not find any […]

Tags "AnchorMailbox" "2021-03-02T09:50:56.279Z", "ServerInfo~a]@Exchange001.contoso.com:444/autodiscover/autodiscover.xml?#" edit: The scan found the following entry 2021-03-02T09:50:56.27, /ecp/y.js, 0, 1, 15, 15.00.0001.000, 157.230.221.198, 17, 2, 200, 207.207.49.16, 21, 2106, 274, 294, 295, 347, 362, 4, 5f083d36-1b8a-489b-9bdc-e3859dea08f4, BeginRequest=2021-03-02T09:50:55.983Z;CorrelationID=;ProxyState-Run=None;FEAuth=BEVersion-1941962753;NewConnection=::1&0;BeginGetRequestStrea, CafeV1 In the following file "\exchange001.contoso.com\C$\Program Files\Microsoft\Exchange Server\V15\Logging\HttpProxy\Ecp\HttpProxy_20210, can some one please confirm? I'm not sure how to interpret this. Ran Test-Hafnium.ps1 Contents of CVE-2021-26855.log #TYPE Selected.System, Ecp, EXCHANGE001, exchange001.contoso.com, ExchangeServicesClient/0.0.0.0, false, FBA, I patched on 3/3 This just looks like we were probed and not compromised, IntraForest, post, proxy, ServerInfo~a]@Exchange001.contoso.com:444/autodiscover/autodiscover.xml?#, X-BEResource-Cookie

Mastering Development

reactjs axios rejected by CORS but not postman or others

Post author By Full Stack
Post date March 3, 2021
No Comments on reactjs axios rejected by CORS but not postman or others

I have a rest API, and I was using CORS to restrict the access to a few domains. I wanted to exclude CORS on a single route, but after spending a long time and failing, I instead manually add CORS to the routes I wanted to restrict. Now, I can call /login from external domains, […]

Tags 'http://localhost:3000/' ] }, 'keywords', "@babel/node": "^7.12.10", "@babel/preset-env": "^7.12.11", "/", "/v1/trigger_push", "author": "", "bcryptjs": "^2.4.3", "body-parser": "^1.19.0", "cors": "^2.8.5", "dependencies": { "axios": "^0.21.1", "description": "An api", "devDependencies": { "@babel/core": "^7.12.10", "dotenv": "^8.2.0", "eslint-config-prettier": "^7.2.0", "eslint": "^7.18.0", "express-basic-auth": "^1.2.0", "express-jwt": "^6.0.0", "express": "^4.17.1", "HS256"], "https://www.reactjs.inproduction.dk", "husky": "^4.3.8", "husky": { "hooks": { "pre-commit": "pretty-quick --staged" } } }, "jsonschema": "^1.4.0", "jsonwebtoken": "^8.5.1", "license": "ISC", "lint": "eslint --fix --ext .js." }, "main": "server.js", "moment": "^2.29.1", "morgan": "^1.10.0", "mysql": "^2.17.1", "node-fetch": "^2.6.1", "nodemon": "^2.0.7" }, "prettier": "^2.2.1", "pretty-quick": "^3.1.0" }, "scripts": { "start": "nodemon --exec babel-node server.js", "test": "echo \"No test specified\" && exit 0", "type": "module", "version": "1.0.0", "web-push": "^3.4.4" }, (err) => { if (err) { return res.sendStatus(400); // Bad request } next(); });, (req, ); // simple route app.get("/", [ "RS256" ] ] }, ], ]; const corsOptions = { origin: function (origin, } from "./login/login.controller.js"; apiRouter.post("/login", } from "./pushNotification/messaging.controller.js"; import { loginController, }; import { subscribe, }), }).unless({ path: [ "/v1/login", algorithms: ["sha1", and I was using CORS to restrict the access to a few domains. I wanted to exclude CORS on a single route, apiRouter); app.set("port", but after spending a long time and failing, but when I call the the route from my reactjs (localhost or https production domain), callback) { if (whitelist.indexOf(origin) !== -1) { callback(null, cors(corsOptions), I am rejected with the error: Access to XMLHttpRequest at 'http://localhost:8080/v1/login' from origin 'http://localhost:3000' has been bloc, I can call /login from external domains, I can call /login without being rejected, I have a REST API, I instead manually add CORS to the routes I wanted to restrict. Now, loginController); apiRouter.post("/subscribe", methods = ['GET', next) => { bodyParser.json()(req, post, process.env.PORT || 3000); return app; }; export { getApp }; my route.js: import express from "express"; import cors from "cors"; cons, res) => { console.log("Hello There"); let name = req.query.name ? ` ${req.query.name}` : ""; res.json({ message: `Wel, res); }); }, subscribe); apiRouter.post("/unsubscribe", the API is now rejecting my reactjs application which doesn't make any sense to me. When I call the /login route from postman or an external, trigger_push_message, trigger_push_message); export { apiRouter }; and here is my package.json: { "name": "", true); } else { callback(new Error("Not allowed by CORS")); } }, unsubscribe, unsubscribe); apiRouter.post("/trigger_push"

Mastering Development

JSON array to multiple objects

Post author By Full Stack
Post date February 28, 2021
No Comments on JSON array to multiple objects

I have a JSON file that looks like this: [ { "request": { "url": "/v1/charges", "headers": { "X-sq-Client-User-Agent": "{\"lang\": \"ruby\", \"publisher\": \"sq\", \"uname\": \"Linux version 3.13.0-57-generic (buildd@brownie) (gcc version 4.8.2 (Ubuntu 4.8.2-19ubuntu1) ) #95-Ubuntu SMP Fri Jun 19 09:28:15 UTC 2015\", \"hostname\": \"caron\", \"lang_version\": \"2.1.2 p95 (2014-05-08)\", \"engine\": \"ruby\", \"platform\": \"x86_64-linux\", \"bindings_version\": \"1.23.0\"}", "Host": "google.com", […]

Tags 'Accept-Encoding': 'gzip, 'Access-Control-Allow-Credentials: true', 'Access-Control-Allow-Methods: GET, 'Access-Control-Allow-Origin': '*', 'cache-control': 'no-cache', 'Connection': 'keep-alive', 'Content-Type: application/x-www-form-urlencoded, 'Server': 'nginx', "Accept": "*/*; q=0.5, "Authorization": "Bearer xOEwT736mUYLIx7hs0xTiCkI", "body": "amount=123&currency=usd&card[number]=4242424242424242&card[exp_month]=12&card[exp_year]=2020", "code": 200, "code": 200 } } ] It is an array of Request and Response objects. I want to convert this into a Map<Request, "Content-Type": "application/json" }, "date": "Mon, "headers": { "Content-Length": "1422", "headers": { "X-sq-Client-User-Agent": "{\"lang\": \"ruby\", "Host": "google.com", "Request-Id": "req_6gQly7HiMYbIEC", "response": { "body": "{\n \"id\": \"ch_16T3toKv5xscqGyh90sf8TSa\", "Strict-Transport-Security": "max-age=31556926; includeSubDomains", { "request": { "url": "/v1/charges", { method: 'POST', \"bindings_version\": \"1.23.0\"}", \"engine\": \"ruby\", \"hostname\": \"caron\", \"lang_version\": \"2.1.2 p95 (2014-05-08)\", \"platform\": \"x86_64-linux\", \"publisher\": \"sq\", \"uname\": \"Linux version 3.13.0-57-generic (buildd@brownie) (gcc version 4.8.2 (Ubuntu 4.8.2-19ubuntu1) ) #95-Ubuntu SMP Fri Jun 19 09:28:1, \n \"address_city\": null, \n \"address_country\": null, \n \"address_line1_check\": null, \n \"address_line1\": null, \n \"address_line2\": null, \n \"address_zip_check\": null, \n \"address_zip\": null, \n \"amount_refunded\": 0, \n \"amount\": 123, \n \"application_fee\": null, \n \"balance_transaction\": \"txn_16T3toKv5xscqGyhqAKF6jOq\", \n \"brand\": \"Visa\", \n \"captured\": true, \n \"country\": \"US\"\n }, \n \"created\": 1437973900, \n \"currency\": \"usd\", \n \"customer\": null, \n \"cvc_check\": null, \n \"data\": [\n\n ], \n \"description\": null, \n \"destination\": null, \n \"dispute\": null, \n \"dynamic_last4\": null, \n \"exp_month\": 12, \n \"exp_year\": 2020, \n \"failure_code\": null, \n \"failure_message\": null, \n \"fingerprint\": \"70RrlzfthHpu3e4l\", \n \"fraud_details\": {\n }, \n \"funding\": \"credit\", \n \"id\": \"card_16T3toKv5xscqGyh4LZ6rPyz\", \n \"invoice\": null, \n \"last4\": \"4242\", \n \"livemode\": false, \n \"metadata\": {\n }, \n \"name\": null, \n \"object\": \"card\", \n \"object\": \"charge\", \n \"object\": \"list\", \n \"paid\": true, \n \"receipt_email\": null, \n \"receipt_number\": null, \n \"refunded\": false, \n \"refunds\": {\n \"has_more\": false, \n \"shipping\": null, \n \"source\": {\n \"address_state\": null, \n \"statement_descriptor\": null, \n \"status\": \"succeeded\"\n}", \n \"tokenization_method\": null, \n \"total_count\": 0, \n \"url\": \"/v1/charges/ch_16T3toKv5xscqGyh90sf8TSa/refunds\"\n }, 27 Jul 2015 05:11:40 GMT", application/xml, deflate', DELETE, HEAD, I have a JSON file that looks like this: [ { "request": { "url": "/v1/charges", I have this code, no-store, Object[].class); } When I print obj[0] it gives me this: {request={...}, OPTIONS, post, Request and Repsonse that look like this: public class Request { private String url; private Map<String, Response> object in Java. I have created two classes, response={...}} But I am not able to figure out how to access the request and response object from that string so that I can convert them to, String> headers; private String body; private String method; } public class Response { private String body; private int, which is allows me to access the individual Request and Response objects within the file. public static void main( String[] args ) throws IO