In my app, I need to download a large zip file and my server(NodeJs) is providing zip using streams to the client but when the file created is too large I am getting network failed error after downloading some amount of file. Here is my sample client code:
<form method="post" action="somewhere" >
<input type="text" name="resources[]" value="resource1"/>
<input type="text" name="resources[]" value="resource2"/>
<input type="text" name="resources[]" value="resource3"/>
<input type="submit" value="post request"/>
</form>
Also I after some research I found that it might be possible that the client is unable to consume the streams properly. There I get to know about FileSaver.
Should I try it or there is something wrong on my client or server?
Here is my server sample: DownloadServer
Related
I have a django website that I'm using the django_distill app to generate a static site which I'm deplying to netlify. I've decided to add a bot protection field to a form (https://docs.netlify.com/forms/spam-filters/#honeypot-field ). When I run the site locally I see
<form data-netlify="true" name="consultdocs" netlify-honeypot="BOTFIELD" action="/contact/" id="form" method="post" novalidate="novalidate"> <input type="hidden" name="csrfmiddlewaretoken" value="rdKh4K2zu9T96aEUO9exSv3QCAm5w">
<input id="id_BOTFIELD" name="BOTFIELD" type="hidden">
....
When I deploy to netlify:
<form name="consultdocs" action="/contact/" id="form" method="post" novalidate="novalidate"><input type="hidden" name="form-name" value="consultdocs"> <input type="hidden" name="csrfmiddlewaretoken" value="GNnbYgQu6vLduSpWEswAVXfEx">
<input id="id_BOTFIELD" name="BOTFIELD" type="hidden">
....
I no longer see the :
netlify-honeypot="BOTFIELD"
attribute. Does netlify remove this?
In short: Yes, netlify removes this field.
I thought initially it's because of the missing data-prefix but netflify removes it independently if it's used with data-netlify="true" data-netlify-honeypot="BOTFIELD OR just netlify="true" netlify-honeypot="BOTFIELD.
I did a quick isolation test to ensure django is not doing some magic. So I simply used two static html files and pushed them to netlify:
https://gallant-edison-bf9c5f.netlify.com/index.html (w/o data attribute)
https://gallant-edison-bf9c5f.netlify.com/index2.html (w/ data attribute)
In both cases it disappears. You can check the respective source code for both files here:
https://github.com/christoph-kluge/netlify-example
I assume that netlify is parsing your HTML code during deployment and is adjusting it. Additionally netflify already checks if a specific post is a potential bot and drops those requests for you. So they need to do something with those fields.
Hope this answers your question.
I'm trying to make a fix to a moneris website, but I have to change the mode of moneris to test to test the changes before pushing in production.
I'm trying the code on the example page as is and got an error. "Invalid store credentials."
<FORM METHOD="POST" ACTION= https://esqa.moneris.com/HPPDP/index.php >
<INPUT TYPE="HIDDEN" NAME="ps_store_id" VALUE="AF4Fs1024">
<INPUT TYPE="HIDDEN" NAME="hpp_key" VALUE="Hsjh4GSr4g">
<INPUT TYPE="HIDDEN" NAME="charge_total" VALUE="1.00">
<!--MORE OPTIONAL VARIABLES CAN BE DEFINED HERE -->
<INPUT TYPE="SUBMIT" NAME="SUBMIT" VALUE="Click to proceed to Secure Page">
</FORM>
So if this is not how you can make a test payment to test the process, how can you?
PS: Seems there's no moneris tag.
You need to goto the developers page of Moneris and create a test environment first Developer Page
After creating the test store you'll need to input the store id and hp key in the values of the form you posted.
I built a simple REST FULL API with NodeJS.
When it comes to HTML code, I do have :
<form method="post" action="/registry/api">
<input name="id" type="text" value="6" readonly>
<input name="name" type="text" value="TEST name">
<input name="description" type="text" value="TEST desc">
<input name="approved" type="checkbox" checked>
<input type="submit" value="Update">
</form>
But if I go in the console, erase 'readonly' and change this id from '6' to '7', my API indeed receives the bad id and update the bad row in database.
How can I fight this ?
Your API should implement some kind of authentication and authorisation layer. One way to do this is to pass a token along with the request (e.g. in Authorization header), so you will know on the backend side, who is the user requesting this action. Then you can simple check whether given user is permitted to do such an action (with given id).
You can take a look at this blogpost, which describes this pattern using JWT (JSON web tokens):
https://scotch.io/tutorials/authenticate-a-node-js-api-with-json-web-tokens
I want to create a website along with its hybrid app using Ionic, I checked ionic's documentation http://ionicframework.com/getting-started/, I created an ionic app for tabs but I also want to handle my website with it so that if the request is coming from web then normal HTML should be served with web frameworks like foundation and I dont want to repeat the code for mobile and web. when I checked the files generated by ionic, it looked like this
<ion-modal-view>
<ion-header-bar>
<h1 class="title">Login</h1>
<div class="buttons">
<button class="button button-clear" ng-click="closeLogin()">Close</button>
</div>
</ion-header-bar>
<ion-content>
<form ng-submit="doLogin()">
<div class="list">
<label class="item item-input">
<span class="input-label">Username</span>
<input type="text" ng-model="loginData.username">
</label>
<label class="item item-input">
<span class="input-label">Password</span>
<input type="password" ng-model="loginData.password">
</label>
<label class="item">
<button class="button button-block button-positive" type="submit">Log in</button>
</label>
</div>
</form>
</ion-content>
</ion-modal-view>
So is it possible to use the same code for web and app(foundation for web and ionic for app)
yes you can!
you can use ionic platform add browser
then you need to add to your node js server.
Ionic as a web server
I'm implementing OAuth 1.0a with the OAuthorize library. I'm following the example provided by the library.
I'm hosting my app at Heroku. Using the test client I'm able to GET a request token, and use it to /dialog/authorize:
Hi Bob Smith!
Samplr is requesting access to your account.
Do you approve?
When I press Allow, I get a Cannot POST /dialog/authorize/decision.
I've registered the endpoint in app.js:
app.post('/dialog/authorize/decision', oauth.userDecision);
Either I am missing something silly from the OAuthorize example or there is a fault in the way I'm handling the transaction.
dialog.ejs:
<form action="/dialog/authorize/decision" method="post">
<input name="transaction_id" type="hidden" value="<%= transactionID %>">
<div>
<input type="submit" value="Allow" id="allow">
<input type="submit" value="Deny" name="cancel" id="deny">
</div>
</form>
For me, the issue was that I didn't provide a proper callbackURL in server.userAuthorization callback.
see https://github.com/jaredhanson/oauthorize/blob/master/examples/express2/db/accessTokens.js#L10 and https://github.com/jaredhanson/oauthorize/blob/master/examples/express2/oauth.js#L152