I an trying to do the following -
1) Access POST submission data in Apache
2) Create a file name by using some of the parameters in POST data from 1)
I will like to then read the file from disk vs using back-end application to regenerate the page.
Any help will be greatly appreciated.
Your methodology is fundamentally flawed.
A POST should only be used where you want to change the state of the server. If you're serving up a cached file instead then you're not changing the state.
If generating the content after the POST can be cached, then the way to implement this would be to return a 302/303/307 header in the POST target pointing to the page which should be rendered (and can be cached).
C.
Related
I'm learning to become a security researcher so my question is solely to understand/learn what happens and not for doing bad stuff.
I'm currently looking at file upload. In the specific case the file upload occurs with a HTTP Post request with the content-type header set to the actual MIME-type of the file (e.g. image/png) and not multipart/form-data. The HTTP request body contains the actual file content without any encoding, at least as far as I can see (when I save the raw HTTP request body to a file and compare it with the original file they are identical).
I would like to modify the HTTP request body to include the content of another file. The question is how can I obtain the actual content of this second file and replace the HTTP request body with this in a correct way (formatting, encoding,...).
I've used already tried many things (cat + copy paste, texteditor, xclip and alternatives, piping etc...) but for some reason the content always change (formatting,encoding, etc...) and the request is rejected by the servers as invalid. Even if I modify it with the content of the same file and when I save the raw request body the are different.
I know my issue is actually related to a lack of basic file content/handling etc. knowledge so I've already spend hours to search the web but seems I'm missing the correct terminology to find interesting resources.
So more than just having a solution for this specific use case I would like to understand what is happening in the process. So please feel free to point me to any resources that could help me to understand the underlying better.
I really appreciate any help, info. Many thanks in advance.
Best regards,
I have image upload in my system. I am struggling to understand what is the logic of serving images.
If I upload directly to wwwroot, the files will be accessible to everyone, which is not what I want.
I understand I could save the file contents in the database as base64 but those can be big files, and I would like them on the server in files.
I could convert them on the fly when requested. Most probably getting the path to file, then loading it in a memory stream and spitting out the base64. But seems overkill, and not an elegant solution. I use Automapper for most data and I have to write some crazy custom mappers, which I will If there is no other way.
I could create virtual path, which from what I understand maps physical path on server to a url which doesn't seem any different than option 1
I fancy there is a way to spit out a link/url that this user has access to (or at least logged users) that can be passed to the app so it can load it. Is this impossible or unreasonable? Or am I missing something?
What is the correct way of doing in general?
Also, what is a quick way to do it without spending days for setup?
To protect the specific static files, you can try the solutions explained in this official doc.
Solution A: Store static files you want to authorize outside of wwwroot, and call UseStaticFiles to specify a path and other StaticFileOptions after calling UseAuthorization, then set the fallback authorization policy.
Solution B: Store static files you want to authorize outside of wwwroot, and serve it via a controller action method to which authorization is applied and return a FileResult object.
I have a JS based CMS that populates a single page with different content based on URL parameters passed to the page. I am using the shareURL format (https://www.linkedin.com/shareArticle?mini=true&url=''&title=''&summary=''&source='')
But the parameters I pass are never used it always falls back to what is being served directly from the server.
Do I have to use the API to make this work and if so can I use the API without making the user authenticate?
Is there a correct way to pass this so that linked in will display the correct data.
After testing this more I realised that the linked ins share URL does not take its parameters it only takes what is served from the server. So I changed my build process not to get the pages in run time but to precompile them onto the server. Maybe in the future linked in will have resolved this for dynamic pages.
I am quite new in YII just 2 weeks and I am getting a hang on it, but I have an integration I have to do, which includes submitting form data to an enternal site, as well saving said data in my DB, after which i am automatically redirected to the said site and after performing some actions they send some data back, which should be displayed and saved in my DB as well. Any help would be grossly appreciated. Thanks
You will need cURL for the remote request: http://www.php.net/manual/en/curl.examples-basic.php.
Yii does not have this functionality by default, but you can create a component for it, which makes a post request to the remote site using cURL.
Depending on the format of the returned data, you will need to decode/unserialise it.
You can create a CDbCommand to store it directly into the database or assign values to an Active Record model and store that into the database.
So, I have a bunch of HTML is being stored in a SQLite database, and they link back and forth amongst themselves. When a user clicks to follow a link, that request needs to be serviced by pulling the appropriate HTML out of the database. This could result in needing to load images, which are also being stored in the database (this is a future thing; there are no images yet, but I'd like to be able to use them). I've looked through the WebKit documentation, but can't quite figure out how to make this happen. I've mostly looked at WebFrameLoadDelegate and WebResourceLoadDelegate, but I didn't see one that would let me catch the request, grab the appropriate content, and then send that in a response.
Ideas? I'm pretty new to Objective-C and Cocoa, but I think I'm mostly getting the hang of things.
How do the pages which are stored in the database link to each other? It is probably easiest if they use some sort of customer URL scheme to start with.
The approach I would use is to implement
-webView:resource:willSendRequest:redirectResponse:fromDataSource:
in your resource load delegate. If the request is for a resource that is actually located in your database, return a new[1] NSURLRequest which uses a custom URL protocol which points to the database resource:
x-my-scheme:///table/row
[1] Unless you are already linking amongst your resources with the custom URL scheme - then you can skip this step.
Then, implement a custom NSURLProtocol for x-my-scheme which knows how to retrieve the data from the database. The PictureBrowser sample gives a simple example of how this is done.