I have just followed the steps which were given in the Jenkins website. Now I can login into Jenkins using http://localhost:8080
When I use http://localhost:8080/api/json?pretty=true I can get JSON response from my localhost server. But when I try to get the data to a html page i.e., when I use url http://localhost:1234/foldername/file.html I'm unable to get the data using AJAX call. Below is the code I'm using for AJAX Call
$.ajax({
type: 'GET',
url: 'http://localhost:8080/api/json?pretty=true',
dataType: 'json',
//whatever you need
beforeSend: function (xhr) {
xhr.setRequestHeader('Authorization', make_base_auth('admin', 'admin'));
},
success: function (data){
alert(data);
}
});
function make_base_auth(user, password) {
var tok = user + ':' + password;
var hash = btoa(tok);
return 'Basic ' + hash;
}
I'm getting an authentication error.
From my understanding of the documentation, Jenkins recommends using your user's API key provided via HTTP Basic Authentication, not its password.
Modern jQuery (1.5 or later) also has added a headers field to the options for jQuery.ajax()
headers: {'Authorization': 'Basic ' + btoa('username:apitoken')}
However, what you describe here should do fine without these suggestions.
My assumption is that you are running into the Same-origin policy since your client is based in a browser document, from a different origin (different port) than your Jenkins server runs on. You will need to add CORS headers on your Jenkins server allowing your page's domain access to Jenkins resources, or have both Jekins API + your client page hosted from a single origin.
For your example here, you could use the CORS Filter Plugin and would need to add headers at least as permissive as follows:
Access-Control-Allow-Origins: http://localhost:1234
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: Authorization
In production, you could either use a single origin, or update the list of origins to include wherever your dashboard lives in production, or if you're confident about Same-origin problems, * as a wildcard for any origin.
Related
Is there by any means one can access remote data using restful api without CORS enabled on the remote server.
I'm asking this because I'm trying to access a remote data via an API with angularjs and I've tried all my best can't get seem to load the data. I always get this from Chrome
No 'Access-Control-Allow-Origin' header is present on the requested resource
Below is my script
var auth = $base64.encode("dHNxdWFpbm9vOlFoYXNoZW0xMjM="),
headers = {"Authorization": "Basic " + auth};
$http({method: 'GET', url: 'http://mywebapp.com/Cust?account_number=010104051681',
headers: { 'Authorization': 'Basic dHNxdWFpbm9vOlFoYXNoZW0xMjM=' }
}).success
(function(data){
$scope.user=data;
console.log(JSON.stringify(data));
});
so without CORS enabled, its there a way I can get the data via JS or unless I enable CORS I can't get the data
You can make a reverse proxy https://en.wikipedia.org/wiki/Reverse_proxy. In short:
AngularJS client calls Your backend server
Your backend server calls http://mywebapp.com/Cust?account_number=010104051681
Your backend server get response
Your backend server sends that response back to the AngularJS client.
UPDATE 19 Feb 2016 - see below
I'm building an hybrid mobile app for proximity marketing (i.e. a mobile app which will interact with beacons), and I'd like to use the Bluemix Presence Insights Service to collect data. The problem is I cannot connect through SDK since it is an hybrid app therefore I need to use the connectors API. I've made some attempts and I still get the 401 response.
I've tried an Ajax call setting the Basic Autentication Headers:
beforeSend: function (xhr) {
xhr.setRequestHeader ("Authorization", "Basic " + btoa(username + ":" + password));
},
or
beforeSend: function (xhr) {
xhr.setRequestHeader ("Authorization", "Basic <my encrypted token>");
},
or
headers: {
"Authorization": "Basic " + btoa(USERNAME + ":" + PASSWORD)
},
(also with the encrypted token, I'm not rewriting it).
Then I've made a Node.js server and installed swagger-client (i.e. I've changed strategy):
router.post('/', function (req, res, next) {
var json = req.body.json;
var client = new Swagger({
url: 'https://presenceinsights.ibmcloud.com/pi-swagger/the-connector-api',
success: function () {
console.log("success");
console.log(JSON.stringify(client));
},
authorizations : {
easyapi_basic: new Swagger.PasswordAuthorization('username', 'password')
}
});
res.end();
});
This time I've made progress:
I can successfully connect but I'm not able to send the JSON with the data. Having not access to swagger.json how do I declare the body of the post request? Is there any way to get access to swagger.json of presence insights (this thing will solve all my problems)?
UPDATE
After an exchange of information with Presence Insights support I can say it is not viable to call the Swagger client. The only way to use the service with an hybrid app, it is building a proxy Blumix runtime which it will forward the datas from the hybrid application to the Presence Insights service. Any other attempt, either with an external server or by calling the API within the application is not permitted, as CORS policy doesn't allow it.
This is true for connectors AND management.
I'm writing this for future reference.
the endpoint URL that you're putting needs to be the location of the swagger definition, or swagger specification. Once that's loaded, you can make calls to the API. Note, the swagger client that you're initializing will dynamically create functions based on that definition.
Now, poking around a tiny bit, I did see that the swagger definition is actually available for this service:
https://presenceinsights.ibmcloud.com/pi-swagger/swagger.json
Once you put that in the client, then you can technically make calls against the server.
There is, however, an issue with this service. The swagger definition doesn't look valid, and because of that it won't be possible to use the javascript client. For example:
https://online.swagger.io/validator/debug?url=https://presenceinsights.ibmcloud.com/pi-swagger/swagger.json
Shows many errors. I may be using the swagger.json from this service incorrectly (I did sniff it out) but what I pointed out--using the definition when constructing the client--is how this library works.
I have a simple html page served from my local machine by an app running on port 8000, using the domain appdev.my_company.com.
The same app serves an API from the domain appcenter.my_company.com.
I have an endpoint in said API which sets a session cookie header that looks like this:
Set-Cookie:gac_3_6e...="VC1_69...=="; Domain=.my_company.com; Path=/
I made an ajax request to said endpoint, from the static page, hoping that the cookie would be set since the domain is the same (only the subdomain differs):
/* In http://appdev.my_company.com:8000 */
$.ajax({
url: "http://appcenter.my_company.com:8000/login/",
method: 'POST',
data: JSON.stringify(data),
success: function(){
console.log("logged in");
},
headers: {
"Content-Type": "application/json"
}
});
But it doesn't.
The cookie needs to be associated in the browser window with the current domain, because we need to reload a plugin that picks up this cookie (the cookie comes from a thrid party server).
How can I get this cookie to be registered in the browser? If I look into the resources tab of the web console, no cookie shows up.
I took a look at domain matching of the RFC6265, and it appears this should work.
What can be wrong in this case?
Please checkout CORS. This is the exact problem they try to solve. The only other way (to my knowledge) is to proxy the requests to the other source via your server.
I have a sharepoint online site were I'm using announcements. These announcements I would like to consume in a Cordova app and also on a HTML5 site that I have on some info screens.
I have been looking into using the REST service and app for sharepoint.
Example:
var requestUri = 'https://site.sharepoint.com/_api/web/lists(guid\'someGuid')/items';
var requestHeaders = { 'accept': 'application/json;odata=verbose' };
$.ajax(
{
url: requestUri,
contentType: 'application/json;odata=verbose',
headers: requestHeaders,
success: function (response){
console.log(response);
},
error: function(error) {
console.log(error);
}
});
When I run this I get the:
No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access.
I know I can look into trying to enable CORS on sharepoint, or use JSONP.
I was wondering if the path I'm going down here are the correct path or would it be better to create my own WebService and get the data through that?
Any better ways?
thanks
If your Sharepoint online is connected with Azure AD, then you can use Azure AD application access sharepoint REST API with CORS enabled. Follow the steps at https://msdn.microsoft.com/en-us/office/office365/howto/create-web-apps-using-CORS-to-access-files-in-Office-365
i want to get the part of the different website page to my website content.
i have tried to do that with sending an ajax request to that webpage , but getting an cross domain access error
have any idea how to do that?
for example, i want to get this part only http://gyazo.com/600ee9facec408dd56a69c907293ebed from this website http://www.simbagames.com/en/aboutus.aspx
to my existing webpage, and put that content in my webpage content part
this is how i was tring to do that
jQuery.ajax({
type:'POST',
url: link,
crossDomain: true,
dataType: "html", // this is important
headers: { 'Access-Control-Allow-Origin': '*' },
success: function (data) {
console.log(data);
}
})
No need iframes
is that possible?
You need to add a header to response in aboutus.aspx. Or like Kasyx says, give up javascript and get with cUrl
"Access-Control-Allow-Origin: *"
Actually you cant because in addition by setting "Access-Control-Allow-Origin: *"
A server supporting CORS must respond to requests with several access control headers:
Access-Control-Allow-Origin: "*"
By default, CORS requests are not made with cookies. If the server includes this header, then we can send cookies along with our request by setting the withCredentials option to true.
Access-Control-Allow-Credentials (optional)
If we set the withCredentials option in our request to true, but the server does not respond with this header, then the request will fail and vice versa.
if server not responding you with the Access-Control-Allow-Origin: "*" then you cant fetch data
more about that