How can I add a header to all endpoints in a Yesod application? - security

I have a Yesod application.
I need to add a specific header to all responses.
It's clear how to do it with a specific endpoint using addHeader.
Let's say this one: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options
Question:
How can I configure a header once for all endpoints?

You can alter the yesodMiddleware :: Yesod site => HandlerFor site res -> HandlerFor site res field in the instance Yesod App of your App. For example with:
    instance Yesod App where
        -- ...
        yesodMiddleware handler = do
            addHeader "X-Frame-Options" "sameorigin"
            defaultYesodMiddleware handler
The yesodMiddleware is thus functionality that is "wrapped around" the target handler. You can do tasks before you query the handler, and after the handler (for example to postprocess the result).
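
The answer's middleware placed in a complete, minimal Yesod application, as an added example that is not part of the original answer. The routes HomeR and StatusR, the second header and port 3000 are assumptions made for illustration.

```haskell
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE QuasiQuotes       #-}
{-# LANGUAGE TemplateHaskell   #-}
{-# LANGUAGE TypeFamilies      #-}
{-# LANGUAGE ViewPatterns      #-}
module Main where

import Data.Text (Text)
import Yesod

data App = App

-- Two constructed routes with different content types, to show that the
-- middleware applies regardless of what the handler returns.
mkYesod "App" [parseRoutes|
/       HomeR   GET
/status StatusR GET
|]

instance Yesod App where
    yesodMiddleware handler = do
        -- Runs before every handler dispatched by this site.
        addHeader "X-Frame-Options" "sameorigin"
        -- Assumption: a second response header added the same way.
        addHeader "X-Content-Type-Options" "nosniff"
        -- Keep the default middleware so its own behaviour is retained.
        defaultYesodMiddleware handler

getHomeR :: Handler Html
getHomeR = defaultLayout [whamlet|<p>Hello|]

getStatusR :: Handler Text
getStatusR = return "ok"

main :: IO ()
main = warp 3000 App
```

With the server running, `curl -i http://localhost:3000/status` should show both headers on the plain-text response as well as on the HTML one.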

Related

How to add custom header in Http.outboundGateway in Spring Integration Rest Service Call?

I am trying to make a REST web-service POST method call with a custom header. I tried to add the custom header in enrichHeaders but am still getting an HTTP 403 Forbidden response. Could you please help with the right code snippet?
    .enrichHeaders(h -> h.header("X-API-Key", "ABCEDABCED")
            .header(CONTENT_TYPE, APPLICATION_JSON_VALUE)
            .header(APP_NAME, XXX)
            .header(ACCEPT, APPLICATION_JSON_VALUE))
    .handle(Http.outboundGateway(config.getXxxWebServiceUrl())
                    .httpMethod(HttpMethod.POST)
                    .expectedResponseType(String.class)
                    .requestFactory(xxxRequestFactory()),
            c -> c.advice(sendToArchive.sendToArhive()))
    .log()
    .get();
Error Logs :-
[bean 'xxxDispatcher1.http:outbound-gateway#0' for component 'xxxDispatcher1.org.springframework.integration.config.ConsumerEndpointFactoryBean#2'; defined in: 'class path resource [service/xxxDispatcher.class]'; from source: 'bean method xxxDispatcher1']; nested exception is org.springframework.web.client.HttpClientErrorException$Forbidden: 403 Forbidden: [{"message":"Forbidden"}]
at

See the Header mappings section in the docs: https://docs.spring.io/spring-integration/docs/current/reference/html/http.html#http-header-mapping
By default, all standard HTTP headers are mapped from the message to HTTP request or response headers without further configuration.
So, since you don't provide a mappedRequestHeaders() option for the Http.outboundGateway(), your APP_NAME custom header is not mapped and not transferred over HTTP to the REST service.

WCF POST CORS - Location header changed

I've hosted a WCF in IIS on Azure. I need to do a CORS POST from the client side (I'm using Dojo JS).
I expect this scenario:
POST REQUEST -> OPTIONS PRE-FLIGHT -> POST RESPONSE
but when I look at the Chrome dev tools network tab I get:
POST Request -> OPTIONS PRE-FLIGHT -> AUTOMATICALLY GET REQUEST -> METHOD NOT ALLOWED (my WCF method only accepts the POST method)
There is also a strange thing: if I look at the GET response, it has status code 302 Found and the response header LOCATION : /rest/(X(1)S(xnrhdgei0ecua5s550yxqiv1))/login/ but I don't know what (X(1)S(xnrhdgei0ecua5s550yxqiv1)) is.
How can I solve this problem?
Thank you!

I solved it by adding <sessionState mode="InProc" cookieless="false"/> to the web.config. See my previous comment for additional details.

Katana+OWIN Context Get HTTP Referrer?

IOwinContext does not appear to have the HTTP Referrer in it, and I need to grab it. What is the right way to get that particular variable? IOwinContext has several Typed PEMs but I don't see referer in particular.
The system I am working on is self-hosted.
Thanks.

The OwinContext doesn't have 'HTTP Referer' as an item in the Request headers. This has been renamed in the Owin self-host context. It's now known as 'Referer'. So once you have the Owin context object you can get the information by using:

    context.Request.Headers["Referer"]

Explanation of Yesod route parsing

I'm building a library for Yesod which, I hope, will expose an interface for Stripe, the credit card processor. (I plan on releasing it soon. I gave up on Amazon because of its poorly documented API...)
I have created a subsite and typeclass to handle the routes the Stripe API needs. I managed to figure out the "how" of what I need to do, but I don't quite understand it.
The subsite has routes defined by:

    mkYesodSubData "Stripe" [parseRoutes|
    /charge/#StripeId ChargeR POST
    /customer/#StripeId CustomerR POST
    |]

and the parent has the route defined as:

    /payment/stripe StripeR Stripe appStripe

Now, I'm curious about what this line actually means. For comparison, most other routes are defined like:

    /questions QuestionsR GET

As far as I understand, the route generator generates a QuestionsR data type, and dispatches /questions to getQuestionsR. But what exactly is the route generator doing with

    /payment/stripe StripeR Stripe appStripe

I suppose it must be creating a StripeR type. And I know that appStripe :: App -> Stripe. But what roles do these things play? How does the parser know to ensure that StripeR takes one of the Stripe routes as an argument? What's going on behind the scenes, and is the GET case a special case of the other pattern?

The GET isn't really a special case as I understand it, as we are explicitly creating a Resource that is a subsite.
The line in question

    /payment/stripe StripeR Stripe appStripe

says that the resource at /payment/stripe we are going to call StripeR and it's a Stripe (which is a subsite) that can be accessed with the appStripe function.
For example, when you are defining your foundation for the subsite you do something like

    data Stripe = Stripe

But you could also do

    data Stripe = Stripe
        { getStripeConfig :: String
        }

then in the Master site you could do in a handler

    handler :: Handler Html
    handler = do
        app <- getYesod
        let stripeConfig = getStripeConfig $ appStripe app
        ...

Zend Framework: How do I secure a Zend URL pattern?

I am using a URL rewrite controller to make custom URLs. Now I don't know how to secure them, or, if the user types something else, how to show a page-not-found error.
Here is how I am making custom URLs in my application index:

    $route = new Zend_Controller_Router_Route_Regex(
        '([A-Z]*(([\/][A-Z0-9\-]*([\/][A-Z]*)?)?))',
        array('controller' => 'Uriprocess', 'action' => 'index'),
        array(1 => 'URI')
    );
    $router->addRoute('URIPROCESS', $route);

You should check Zend_Controller_Plugin_ErrorHandler:
Since the ErrorHandler plugin captures not only application errors,
but also errors in the controller chain arising from missing
controller classes and/or action methods, it can be used as a 404
handler. To do so, you will need to have your error controller check
the exception type.
