Categories
Mastering Development

Cookies missing on a xhr request on response header

So I have this php code on a.com/test.php <?php require_once ‘wp-blog-header.php’; // get WordPress core status_header(200); // WP way of saying the response it 200 (OK) // allow CORS ; header(‘Access-Control-Allow-Origin: http://b.com’); header(‘Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS’); header(‘Access-Control-Allow-Headers: Origin, Content-Type, X-Auth-Token’); header(‘Access-Control-Allow-Credentials: true’); // allow credentials print_r($_COOKIE); // show cookies die(); // bye […]

Categories
Mastering Development

MS Graph SDK How to Add/Update a Schema Extension property to a User object

I’m having real trouble finding any code examples in how to add a Schema Extension value against a User in Azure AD. So far I have successfully created my own schema extension, marked as ‘User’ TargetType, and updated the status as ‘Available’. This was all achieved through the MS Graph SDK Below is a screenshot […]

Categories
Mastering Development

Code efficiency/performance improvement in Pushshift Reddit web scraping loop

I am extracting Reddit data via the Pushshift API. More precisely, I am interested in comments and posts (submissions) in subreddit X with search word Y, made from now until datetime Z (e.g. all comments mentioning "GME" in subreddit /rwallstreetbets). All these parameters can be specified. So far, I got it working with the following […]

Categories
Mastering Development

Moodle Web Services How to add multiple files to assignment submissions

So recently I worked with moodle web service and it’s kinda pain to work with due to the hard to understand documentation it self. So I want to save user submission and it is saved. But the problem is, the api will remove existing attachment (file(s)) and replace with new one. I am using the […]

Categories
Mastering Development

CORS blocking post requests in javascript

im making an api using Javalin and trying to send data to it from javascript, however i get cors errors whenever i try to do so. i can recieve data just fine but not send data. Here is my error: Response to preflight request doesn’t pass access control check: It does not have HTTP ok […]

Categories
Mastering Development

AWS S3 getSignedUrl() returns a 403 Forbidden Error

I’m trying to get a pre-signed URL from s3.getSignedUrl, so I could directly upload a file/image from the client react side. I get a URL but whenever I open that link or if I try to make put a request on that URL from the client, I always get a 403 forbidden error. I’m not […]

Categories
Mastering Development

How to solve Allow access origion problem

i have tried to upload mern project on cpanel but always get cors problem I have use this function in express js but same problem occurred app.use(function (req, res, next) { res.header(‘Access-Control-Allow-Origin’, ‘*’); res.header(‘Access-Control-Allow-Headers’, ‘Origin , X-Requested-With, Content-Type, Accept , Authorization’); res.header(‘Access-Control-Allow-Methods’, ‘GET, POST, OPTIONS, PUT, PATCH, DELETE’); next(); }); Also tried to use cors […]

Categories
Mastering Development System & Network

CVE-2021-26855 Explanation

I patched on 3/3 This just looks like we were probed and not compromised, can some one please confirm? I’m not sure how to interpret this. Ran Test-Hafnium.ps1 Contents of CVE-2021-26855.log #TYPE Selected.System.Management.Automation.PSCustomObject "DateTime","AnchorMailbox" "2021-03-02T09:50:56.279Z","ServerInfo~a]@Exchange001.contoso.com:444/autodiscover/autodiscover.xml?#" edit: The scan found the following entry 2021-03-02T09:50:56.279Z,5f083d36-1b8a-489b-9bdc-e3859dea08f4,15,1,2106,2,,Ecp,207.207.49.16,/ecp/y.js,,FBA,false,,,ServerInfo~a]@Exchange001.contoso.com:444/autodiscover/autodiscover.xml?#,ExchangeServicesClient/0.0.0.0,157.230.221.198,EXCHANGE001,200,200,,POST,Proxy,exchange001.contoso.com,15.00.0001.000,IntraForest,X-BEResource-Cookie,,,,347,362,,,0,0,,0,,0,,0,0,,0,295,0,0,17,0,274,0,0,0,1,0,294,1,274,4,21,21,295,,,,BeginRequest=2021-03-02T09:50:55.983Z;CorrelationID=;ProxyState-Run=None;FEAuth=BEVersion-1941962753;NewConnection=::1&0;BeginGetRequestStream=2021-03-02T09:50:55.983Z;OnRequestStreamReady=2021-03-02T09:50:55.998Z;BeginGetResponse=2021-03-02T09:50:55.998Z;OnResponseReady=2021-03-02T09:50:56.279Z;EndGetResponse=2021-03-02T09:50:56.279Z;ProxyState-Complete=ProxyResponseData;SharedCacheGuard=0;EndRequest=2021-03-02T09:50:56.279Z;,,,,,,CafeV1 In the following file "\exchange001.contoso.com\C$\Program Files\Microsoft\Exchange Server\V15\Logging\HttpProxy\Ecp\HttpProxy_2021030209-1.LOG" I did not find any […]

Categories
Mastering Development

reactjs axios rejected by CORS but not postman or others

I have a rest API, and I was using CORS to restrict the access to a few domains. I wanted to exclude CORS on a single route, but after spending a long time and failing, I instead manually add CORS to the routes I wanted to restrict. Now, I can call /login from external domains, […]

Categories
Mastering Development

JSON array to multiple objects

I have a JSON file that looks like this: [ { "request": { "url": "/v1/charges", "headers": { "X-sq-Client-User-Agent": "{\"lang\": \"ruby\", \"publisher\": \"sq\", \"uname\": \"Linux version 3.13.0-57-generic (buildd@brownie) (gcc version 4.8.2 (Ubuntu 4.8.2-19ubuntu1) ) #95-Ubuntu SMP Fri Jun 19 09:28:15 UTC 2015\", \"hostname\": \"caron\", \"lang_version\": \"2.1.2 p95 (2014-05-08)\", \"engine\": \"ruby\", \"platform\": \"x86_64-linux\", \"bindings_version\": \"1.23.0\"}", "Host": "google.com", […]