I am using vue-json-rpc-client-fetch-withcredentials for comunication with my api via jsonRpc in my ionic5/vue project. Comunication works fine in browser and ios 13 (devices and simulators), but when i running app on ios 12, request’s response is "Invalid request". The reason of invalid request is, that reguest’s content is empty. Does anyone know why? I am using Capacitor to create ios version. I tried to create request with another ways, but i have still the same error.
I changed setting for headers on API server and it's working now. So, it's really the difference between
header('Access-Control-Allow-Headers: *');
and
header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");
Related
I am using http://dummy.restapiexample.com/ API .While using POSTMAN and creating a new employee using POST ,it seems to work .But when I use axios in React Native and do the same thing the POST is returning success response but when I try GET method to get all the new employees I'm not seeing the newly created employee which worked on POSTMAN
This is my POST method
create(){
axios.post('http://dummy.restapiexample.com/api/v1/create',{
"name":this.state.name,
"salary":this.state.sal,
"age":this.state.age
}).then((res)=>console.log(res.data)).then(()=>this.setState({createModal:false})).catch(err=>console.log(err))
}
and this is my GET method
async getData(){
await axios.get('http://dummy.restapiexample.com/api/v1/employees').then((res)=>this.setState({employees:res.data.data},()=>console.log(res.data.data))).catch((err)=>console.log(err))
}
From your example code it seems that you are making a call over http. Note that such calls are blocked by iOS and Android unless you explicitely specify a domain that is allowed to be reached over http.
More information about networking can be found here:
https://reactnative.dev/docs/network
By default, iOS will block any request that's not encrypted using SSL.
If you need to fetch from a cleartext URL (one that begins with http)
you will first need to add an App Transport Security exception. If you
know ahead of time what domains you will need access to, it is more
secure to add exceptions only for those domains; if the domains are
not known until runtime you can disable ATS completely. Note however
that from January 2017, Apple's App Store review will require
reasonable justification for disabling ATS. See Apple's documentation
for more information.
Either allow the domain for non-secure request or use https.
The problem had something to do with running on Android device. Once run on the emulator it seemed to work fine
Developing sample application, when i was call the post method
service in componentDidMount() getting error response access
denied. Only android it's having this issue. But I got this
response IOS Devices .
I researched this case Most of the this issue get an based up on
NetWork same wife connection like emulator and my System this is
fine.
when i was check on AndroidManifest.xml file also getting
Internet Permissions also Accessed.But Still getting this Error in
Android. Please Solve this ,
Only getting in Android Device and emulator having this issue
other Platform device like IOS working fine.
Thanks in Advance.
If the REST server is on localhost in Android you'll have to use your IP instead of http://localhost.
If the rest server is not on localhost you might have to adjust the body and the headers. So instead of string body use a json object etc.
Your code:
fetch('site:ab4aca652284d7dc87ca1f347f2ac432#ori-eu-west-1.searchly.co…
',{ method:'POST', headers:{ 'Accept':'application/json',
'Content-Type':'application/json' }, body:JSON.stringify(string)
}).then((response)=>response.json()).then((responseData)=>{
}).catch((err)=>{ console.error(err) })
rowDatanewOrders:{"status":"error","message":"access denied"}
make sure you have a valid json in body if you have the header 'Content-Type':'application/json', not a string as you have now!
more details about possible adjustments of the body and headers here:
https://github.com/facebook/react-native/issues/5222
I've just started using Postman to test an API I am integrating to.
I have the following error that keeps showing up
Invalid CORS request
Note the following:
The API uses Bearer token authentication(OAuth2). I have this
working without a problem.
I do get the bearer token successfully, assign it to an Environment variable and then attempt to use it for the RESTful operations.
The problem is in the subsequent RESTful operation that uses the token.
When I use an old token (through a POST operation), it rightfully
tells me that it is expired and not authorized.
When I then generate a new one and try to run the restful call, it gives me that Invalid CORS request error.
Using cURL, I have no issues. But I am frustrated by Postman.
What I have found so far:
Using postman with Http POST requests - I don't get the part in bold
Just in case anybody else has this same problem, here is how to solve
it. Go to https://www.getpostman.com/docs/capture in your chrome
browser. Click on interceptor extension and then choose add to
chrome. Once it is added there is a new icon top right of both the
browser and postman that looks like a traffic light. In postman click
this and it turns green. Then add a header to every request going to
third light. Every header consists of the header name and a value.
Start typing over the header name and a list of allowed http headers
comes up. Choose "Origin". In the cell for value simply type the
full URL of your server. (Do not forget the 'http://' or 'https://').
What is the expected response to an invalid CORS request? - Best explanation I have seen so far on CORS errors.
The other material speaks about Access-Control-Allow-Method header, preflight requests
... and there is an illustrative Apache Tomcat flowchart of the CORS flow.
Here's the answer you found again:
Just in case anybody else has this same problem, here is how to solve it. Go to https://www.getpostman.com/docs/capture in your chrome browser. Click on interceptor extension and then choose add to chrome. Once it is added there is a new icon top right of both the browser and postman that looks like a traffic light. In postman click this and it turns green.
... With the bit in bold translated:
Then add a header to your request. The header Key should be "Origin" and the header Value should be the full URL of your server (Do not forget the http:// or https://).
Note that Chrome/Postman won't allow you to add a Header with a Key of Origin without the Interceptor plugin.
Also note that at least on my system the Interceptor icon no longer looks like a traffic light.
If your back-end service side code checks for origin of the request (just to avoid CORS attack) you may face this issues when testing your Rest API through postman.
How to Resolve this .?
You need to install a Chrome plugin called Postman Interceptor (https://chrome.google.com/webstore/detail/postman-interceptor/aicmkgpgakddgnaphhhpliifpcfhicfo?hl=en).
After successfully installing this plugin , in you Postman client you can see small icon called Postman Interceptor , you need to toggle it to turn it on.
Now you can add a Request header as below
RequestHeader Key "Origin"
RequestHeader Value "your application base URL"
Check this image
Now you should be able to over come CORS issues you are facing
Cheers !!
Just avoid using browser/chrome postman plugin. Use the desktop application instead!
Seems our server is seeing from a Postman manual HTTP POST that the orgin is invalid b/c its coming from Postman as "chrome-extension://fhbjgbiflinjbdggehcddcbncdddomop"
Not sure why or how to resolve on client/Postman side. Seems our server is correclty rejecting it as is though and issuing a 403.
Value of "Origin" header set in Postman request should be allowed in API backend. For example, using Spring Boot for API should have next:
#Configuration
public class WebConfig implements WebMvcConfigurer {
#Value("${cors.allowedOrigins}")
private String allowedOrigins;
#Override
public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**")
.allowedOrigins(allowedOrigins)
.allowedMethods("*")
.allowedHeaders("*");
}
}
where allowedOrigins is set using application.properties property cors.allowedOrigins having comma separated list of allowed origins, eg:
cors.allowedOrings=http://localhost:8080,http://example.com
and set 'Origin' value in Postman to any url from cors.allowedOrigins
I was getting this error when testing my APIs on the postman. Even after meticulously configuring my cors. So I used Insomnia instead of Postman and it works fine. I guess sometimes postman is the problem as it needs some extra effort.
You can try new version of PostMan. To me it works after upgraded postman version from 5.5.5 to 7.36.5
I am trying to register device token on pushwoosh services using API but it's returning me following response (Form Pushwoosh service) :
{ status_code: 210,
status_message: 'Invalid token: apa91bhosngjexchs528yuy-y4woqtkoo5b3ydddkh29etjm6eg9thg5urchcqaae32lavevq5vdco6mbyozyld4mqajg_t8-aaqnxiz6fr1gwnml7maurolpibo7-hj3at5l3i7zvzw',
response: null }
I am using Same API for iOS and it's working fine for iOS.
But the problem is with Android device. Also device token is correct (Started from "AP91...") and App is registered onGCM as well.
Thanks for help.
I got the solution and it's silly mistake I have done.
Just Uploading Answer if someone new learner get stuck, so it will helpful.
While making API call to pushwoosh registration we are sending following request in API.
"request":{
"application":"84170-XXXXX",
"push_token":deviceInfo.deviceToken,
"language":"en",
"hwid": deviceInfo.HardwareID,
"timezone": 3600,
"device_type":deviceType
}
Mistake was I missed hwid which is unique (We are using device Mac address now).
Also for Android "device_type" =3 and for ios "device_type"=1 But I earlier I was sending 1 for both (And thats the issue).
Now I am sending it according to device type. (As per given in pushwoosh docs).
and it's working fine now.
Thanks.
I have foursquare app that gets authorization from Foursquare. It used to work but after the server upgrade it stopped working as timeout after 30 seconds.
We were using Apache 2.2.6 and PHP 5.2.12 and upgraded it to Apache 2.2.22 & PHP 5.3.17. We updated php codes according to 5.3.17 which are mostly db stuff. Anyhow our Foursquare server side app isn’t not working since. We tried it on other old server with old setup, then it works.
Specifically, access token is not returned on the request for authorization on our app when a user try to use it.
We are using this format below for making the request.
https://foursquare.com/oauth2/access_token
?client_id=YOUR_CLIENT_ID
&client_secret=YOUR_CLIENT_SECRET
&grant_type=authorization_code
&redirect_uri=YOUR_REGISTERED_REDIRECT_URI
&code=CODE
All of values are filled accordingly.
Any hint or clue would be helpful!
You can try requesting the URL from your browser, and seeing the response generated. This should give you more information about the error occurring.
In your browser, you can imitate a user and follow the flow that they would use to authorize your app. Then, you can take the code parameter from the url, and visit the access_token link in your browser to see the response.