I have an app which can authorize user through Google provider, and we have api endpoint, to the address of which you need to make a GET request. API answers with 307 code and redirect url, but instead of a redirect, I get a request from the current page:
When i tried to google similar problem, all the answers be like: 'just handle redirect in response', but app call redirect url as GET request from current page immediately, so i can't read response and had error.
I want to achieve the following flow:
User makes a get request to our api
Upon receiving a 307 code, we get just get redirect url, and manualy redirect user from the current page to the page from the response.
I tried to achieve this with Fetch API and Axios
Related
I want to call payment gateway, for that payment gateway is called using form submission with the method as post, Can I call the same gateway using post API call from node js HTTP module, I am confused, that I cannot call gateway using post API cause it won't redirect to new page, and form have method and action which can redirect to new page with post call?
There are multiple ways to submit a form from the browser:
HTML form, submit button, user presses submit button, no Javascript involved.
HTML form in the page, Javascript gets DOM element for the form and calls .submit() method on the form object.
Ajax call using the XMLHttpRequest interface with the POST method and manually sending appropriate form data.
Ajax Fetch call with the POST method and manually sending appropriate form data.
With #1 or #2, the browser sends the form and the browser will pay attention to redirects and will display the form response (whether redirected or not) in the browser.
With #3 and #4, the form is sent via Javascript and the response comes back to your Javascript. #3 does not process redirects. #4 has an option to process redirects. Here's more info on each of the above options. #3 and #4 do not affect the browser display is not affected at all unless you program your own Javascript to process the request and affect the browser display (either by inserting content or setting window.location to a new URL.
Here's some more info on the above schemes:
Programmatic Ajax calls with XMLHttpRequest do not process redirects or the response from the Ajax call in any way. They just return that response to YOUR Javascript. Keep in mind that a redirect is just one specific type of response you can get back from an Ajax call. This is different than a browser submitted form POST.
Programmatic Ajax calls with the fetch() interface offer an option to follow redirects automatically. See the redirect option here. But, even in this case, all the fetch() interface does is get the contents of the redirected URL. It does not cause the browser page to change. To so that, you would have to write your own Javascript code to either see the 3xx redirect response and then set window.location to the new redirect URL. Or, you would have to let the interface follow the redirect automatically and then do something with the new redirected content that it will return to your Javascript.
These programmatic requests different than letting the browser submit a form for you. In the browser submitted case (without using Javascript to submit the form), the browser follows redirects and updates the display in the browser based on whatever content is returned from the form response.
When you submit a form via Ajax, the browser does nothing automatically with the server response. That response goes back to your Javascript and your script decides what to do with it. If you want your script to follow redirects, then you have to examine the response, see if it's a 3xx status, get the new URL from the appropriate header and set window.location to that new URL. That will then cause the browser to display the redirect page. But, you have to either program that yourself or find an Ajax library that offers a feature to do it form. A standard Ajax call just returns the form POST response back to your Javascript - that's all. Your script has to process that response and decide what to do next.
I am confused, that I cannot call gateway using post API cause it won't redirect to new page
You can. You just need to write your own Javascript to process the response from the programmatic API call and, if its a 3xx redirect, then set window.location to the new URL to instruct the browser to load the new redirected page.
Form data is usually sent like
address=Stackoverflow&poster=Ashkay
Whereas a normal post in JSON format will be like
{
"address": "stackoverflow",
"poster": "Ashkay"
}
You can mimic a form POST request in NodeJS, e.g:
const request = require("request");
request({
uri: "http://www.test.com/payment/gateway.php",
method: "POST",
form: {
address: "Stackoverflow",
name: "Ashkay"
}
}, function(error, response, body) {
console.log(body);
});
I'm trying to get the redirected URL of an image from an external server with CORS enabled, this can't be done on the server due to the react app not having a central server, I am not in contorl of the remote server. The content of the image doesn't really matter, just the URL.
Here's what the response headers are
Access-Control-Allow-Credentials true
Content-Length 170
Expires -1
Location http://someimage.com/png
If you want your React app to get the content of the Location header, you can fetch the URL, and get the headers from it. See this documentation about Fetch response headers.
Here is an example from this page :
fetch(myRequest).then(function(response) {
console.log(response.headers); // returns a Headers{} object
});
You can find some documentation on the Header class here.
If you are not using fetch, you can probably access the response headers from the API you are using (XMLHttpRequest or axios for example).
However, if what you want is to get the image from a URL, knowing that this given URL is redirecting (with a 301 status code and this Location URL for example), then you can just call this URL. The browser will take care of following the redirection automatically.
I am trying to do Facebook authentication in same window of my web application's login page.
I am using following code when user clicked login button to go to authentication page.
function loginUsingOAUTH()
{
top.location = 'https://graph.facebook.com/oauth/authorize?client_id=839846246064537&scope=email&redirect_uri=http://www.olcayertas.com/testqa/result.html';
}
1) After authentication Facebook redirects me to my redirect url and returns a parameter "code".
At this point I want to access Facebook user information but I don't know how to do that.
What is this "code" parameter for?
2) Is there any other way to access user information?
3) Do you have any other advice facebook authentication with same window login?
Thank you in advance for your help
When you get the code you should make a server side request to get an access token and than pass the access token to user. It is explained in Facebook Developer page:
Exchanging code for an access token
To get an access token, make an HTTP GET request to the following
OAuth endpoint:
GET https://graph.facebook.com/v2.3/oauth/access_token?
client_id={app-id}
&redirect_uri={redirect-uri}
&client_secret={app-secret}
&code={code-parameter}
This endpoint has some required parameters:
client_id. Your app's IDs
redirect_uri. This argument is required and must be the same as the original request_uri that you used when starting the OAuth login
process.
client_secret. Your unique app secret, shown on the App Dashboard. This app secret should never be included in client-side code or in
binaries that could be decompiled. It is extremely important that it
remains completely secret as it is the core of the security of your
app and all the people using it.
code. The parameter received from the Login Dialog redirect above.
Response
The response you will receive from this endpoint will be returned in
JSON format and, if successful, is
{“access_token”: <access-token>, “token_type”:<type>, “expires_in”:<seconds-til-expiration>}
If it is not successful, you will receive an explanatory error
message.
EDIT: Re-wrote the question to be more general and focus on the core problem.
I've made a chrome extension that allows a user to play a mobile game in chrome. This is possible since the game is web-based.
Essentially what the extension does is:
sends an ajax POST request with the user id
the request returns a session id
open a new tab to a particular url passing the session id as a param
the page is then redirected to the game home page on successful authorization
otherwise, redirects to an error page
When I try to replicate this in Node.js:
I use request to send the POST request with the user id
the request returns a session id
I send a GET request to a particular url passing the session id as a param
the request returns with a status 500 response
It appears that the response body is the error page
I used a cookieJar (request.jar()) to handle the cookies/session, but I can't get it to work the same way the browser does it.
Any ideas?
I am trying to redirect to another URL from node js by using response.writeHead method
response.writeHead(301, {Location : <redirecturl>})
I need to have this redirection is being executed by POST method, however it is always executed by GET. What is the way that the redirection can be made as a POST request.
A redirect by default sends a GET request. According to the HTTP spec, a 301 redirection means sending a GET request. If you want to redirect with the same method (POST), you can try doing a 307 redirect instead.
There is no difference between redirection in both GET and POST methods. Both method should work find. Better you can your expressjs framework in which it is
res.redirect('http://example.com');
Be careful, when using status code 301 which means Moved Permanently. Once browser gets 301 status code, it will directly try the redirected URL from the next time.
Without seeing more of your code, I believe this is what you are describing:
The client has made a request to your application using an HTTP method (get, post, etc.) You are responding to that request by sending back a 301 error and a new URL (redirecturl)
The client then decides to implement a get request for the redirecturl.
You can't change how a client responds to a 301. That is out of your control and it is normal for browsers to initiate a get for the redirecturl.
You could initiate a post request from your server to the redirecturl.
You could send back a webpage which would then submit a post request from the client.
What are you trying to achieve?