When I load an Url using the load method, like this:
load(QUrl("http://www.foo.com"));
Cookies work correctly with no problems. However, when I load the content using the setHtml method, like this:
setHtml(htmlCode, QUrl("http://www.foo.com));
The website indicates that cookies aren’t enabled in my browser. I wonder if this is a known issue, and whether there’s a way to have cookies working for the setHtml method.
Thanks in advance.
Cookies are from HTTP protocol, not part of HTML. You need a http server embedded, Take a look at this project
Related
Using dropbox '/media' API call I've obtained a direct https file link. Something like this:
https://dl.dropboxusercontent.com/1/view/asdfasdfasdfasd/file.ext
Then I've changed it from 'https' to 'http' and successfully downloaded the file. Obviously enough, the modified link looked like this:
http://dl.dropboxusercontent.com/1/view/asdfasdfasdfasd/file.ext
My question is wether it's ok to use http links or not? Is it some sort of dropbox bug or a hack?
Strange. I get a 400 error when I try to do the same thing.
Even if HTTP is working for you, I'd advise against using it. Someone eavesdropping on your traffic could learn the link to the file, and it's also possible for someone to impersonate dropboxusercontent.com and send you the wrong data.
It's probably best to stick with HTTPS.
I am developing a wpf client which has to play a video from an external url. The server running behind the url is also managed by me. Now to protect the content and make it available only to the my wpf app, I was planning to use an authentication token which the wpf client has to pass to the server when it has to access and play the content. I am using MediaElement to play the video. I set MediaElement.Source to url of the video.
I thought I could pass the authentication token as cookie by setting HttpContext.Current.Response.Cookies.Add(httpCookie);
But for this to work, I need access to the HttpContext of the mediaElement which I dont have. So how can I ensure security of my video?
You may be able to include the credentials in the CGI params part of the URL used to request the video, or even in the URI itself if you have the ability to parse it out of the URI in your server.
I know this seems less secure, but because the URL will never be seen by the user since this is all loaded under the covers through WPF, they would never see the URL unless they are snooping with a network tool like Wireshark - in which case they will be able to sniff out your cookie as well. If you use HTTPS then both security issues are a moot point.
if I get data from an external website in JSONP form, how do I access the http header response? I have heard this may be difficult but my experience is that everything is possible.
Nope.
This is completely impossible.
The whole point of JSONP is to bypass the same-origin policy by passing a result through executable Javascript code.
Other than JS code generated by the remote server, you cannot get any information.
I developed a weather app using google weather API
but from today it stopped working.
When I tried to access the weather API using location through browser it asks for human authentication.
How can my app work when it is like this? Is there a way to bypass the authentication process?
It's very odd behavior...I wonder if it has something to do with headers that are passed along as when I try loading the API url in Chrome, Unsupported API...or if I do same URL in Firefox, works just fine.
It's also worth noting that I tried setting up an Apache Proxy to Google's weather service by placing the following two lines in a separate Web Server's apache config and referenced the API via www.domain.com/weather/api?weather=Chicago and it still works...so that's my workaround for now:
ProxyPassReverse /weather/ http://www.google.com/ig/
ProxyPass /weather/ http://www.google.com/ig/
Try to change domain, ex: http://www.google.ca/ig/api?weather=Sondrio . It works (for now :D).
Looks like it is out of use from now on
Even using .CA it returns Unsupported API randomly.
Pity
Yeah, interesting, Google seems to send back random "Unsupported API" responses if the request is missing the cookies that the browsers (tested with Chrome and Firefox) are including with requests to the inofficial weather URL.
I've fixed my application by copying the entire "Cookie:" header I found when I ran the request in Firefox with Firebug's "Net" tab enabled.
Not sure where on .google.com the browser got the cookies from yet, I presume from using a personalized service like gmail.
if you are looking for a weather API that works right now, I have a suggestion…
Try Metwit Weather API, it's new but sounds very cool…
This api is really simple to use because it use standards that are available nowadays, like JSON and REST.
you can use this new api this has the same xml structure of google weather api
http://en.previmeteo.com/professionals/google-weather-api.php
Sorry for posting basic question but please give me your advise.
I have to write iOS application which communicates with web application deployed on Tomcat server.
The web application requires client-app to call the "logon" servlet with username and password to get JSESSIONID. Once client get JSESSIONID, the web application allows to invoke other servlets.
But I couldn't figure out how to manage the session to invoke these servlets.
Would you please introduce me the examples/tutorials to learn how to invoke these kind of servlets?
Thank you in advance.
Here's a decent example of making an http request from iOS:
iOS: How to make a secure HTTPS connection to pass credentials?
There's nothing magic about making the call to a j2ee tomcat server - it's just an HTTP request, so any way you can make an HTTP request will work for you.
Maybe this one too:
Can I make POST or GET requests from an iphone application?
edit: ahh, looks like this is the one you want:
http://developer.apple.com/library/mac/#documentation/Cocoa/Conceptual/URLLoadingSystem/Tasks/UsingNSURLConnection.html
The JSESSIONID is nothing special. If your application is set up to handle cookies coming back from your HTTP request then the JSESSIONID will come back as a cookie in the header. Otherwise you will be issued a redirect to a URL with the JSESSIONID in it. From there, if you handle cookies, the JSESSIONID will be passed automatically with each request with all of the other cookies. Otherwise you'll have to put it into the URL of each request manually.
Download the liveheaders plugin for Firefox and try hitting your servlet with the webbrowser and you can see how the JSESSIONID gets passed around. Next, turn off cookies in Firefox and you can see how it's passed around in the URL and you can see the redirect that Tomcat issues if you watch the headers in liveheaders.