Is it possible that a jsf application can navigate to an external link and specify headers for that external link?
So far I have tried to call in the backing bean method:
ExternalContext#setResponseHeader(java.lang.String name, java.lang.String value)
ExternalContext#redirect(java.lang.String url)
The redicection is successfully executed but the Headers are lost.
Is there any way to specify a link accompanied with the headers?
No, HTTP doesn't allow setting headers on a different request.
The headers have to be set by the code behind the target URL. Whatever problem you incorrectly thought to solve this way has definitely to be solved differently.
Related
I have just read through the specification of the new declarativeNetRequest API of the Chrome webextension API, which replaces the WebRequest API in the future. I tried to figure out, if I will be able to do the same with declarativeNetRequest, what I currently do with WebRequest. Unfortunately, I think there won't be a replacement, but perhaps I'm wrong and someone can correct me. Here are the two usecases:
In WebRequest.onBeforeRequest: redirect to the URL of my extension and pass the requested URL as parameter. Filtered are local files with "file://" scheme.
In WebRequest.onHeadersReceived: analyze the received headers and redirect depending on header values to the URL of my extension and pass requested URL as parameter. Filtered are <all_urls>.
Thanks for any hints.
Using express JS I'm trying to add some headers to the redirection I'm returning
However, everything I tried just work for the response headers and not for the request headers of the redirection. I.E., when inspecting it with the developer tools I can see the response headers but when the next call is made, I can not see the request headers
req.headers['x-custom-header'] = 'value'
res.setHeader('x-custom-header', 'value')
res.redirect('example.com')
Does anybody could explain how the response and request headers work on ExpressJS?
A redirect just does a redirect. It tells the browser to go to that new location with standard, non-custom headers. You cannot set custom headers on the next request after the redirect. The browser simply doesn't do that.
The usual way to pass some type of parameters in a redirect is to put them in a query string for the redirect URL or, in some cases, to put them in a cookie. In both cases of query string parameters and data in a cookie, those will be available to your server when the browser sends you the request for the redirected URL.
It also may be worth revisiting why you're redirecting in the first place and perhaps there's a different flow of data/urls that doesn't need to redirect in the first place. We'd have to know a lot more about what this actual operation is trying to accomplish to make suggestions there.
If your request is being processed by an Ajax call, then you can program the code receiving the results of the Ajax call to do anything you want it to do (including add custom headers), but if it's the browser processing the redirect and changing the page URL to load a new page, it won't pay any attention to custom headers on the redirect response.
Can anybody explain how the response and request headers work on ExpressJS?
Express is doing exactly what you told it to do. It's attaching the custom headers to the response that goes back to the browser. It's the browser that does not attach those same headers to the next request to the redirected URL. So, this isn't an Express thing, it's a browser thing.
so I'm very new to node.js and back-end.
I've just deployed a restful api on AWS just as a little test, it really does nothing special, only some get-post requests updating a json.
It works as expected.
Problem is: the address is of course very long so i also wanted to redirect the requests from a domain easy to remember.
And so i did.
If the domain is unmasked, it works fine, and i can for example get a json:
apiunmasked.pileoni.site/all
Settings on namecheap:
If i do try to mask it, it still works but the browser don't format it as a json:
api.pileoni.site/all.
Also there is something weird in the marging that happen with the masked version on the main page:
api.pileoni.site
apiunmasked.pileoni.site
I guess is some wrong setting on namecheap?
Thanks
Direct request to the EC2 do not adds the Content-Type header in HTTP response, so the browser tries to guess the datatype and correctly recognize and manages it as JSON.
The Namecheap forward service adds the header, probably falling back to "text/html", and the browser display the content as HTML.
Eventually, try to enforce the Content-Type header to "application/json" in your Node application with setHeader().
I just could not get the http-proxy module to work properly as a forward proxy. It works great as a reverse proxy. Therefore, I have implemented a node-based forward proxy using node's http and net modules. It works fine, both with http and https. I will deal with websockets later. Among other things, I want to log the URLs visited or requested through a browser. In the request object, I do get the URL, but as expected, when a page loads, a zillion other requests are triggered, including AJAX, third-party ads, etc. I do not want to log these.
I know that I can distinguish an AJAX request from the x-requested-with header. I can distinguish requests coming from a browser by examining the user-agent header (though these can be spoofed thru cURL). I want to minimize the log entries.
How do commercial proxies log such info? Or do they just log every request? One way would be to not log any requests within a certain time after the main request presuming that they are all associated with the main request. That would not be technically accurate.
I have researched in this area but did not find any solution. I am not looking for any specific code, just some direction...
No one can know that with precision, but you can find clues such as, "HTTP referer", "x-requested-with" or add your custom headers in each ajax request (squid proxy by default sends a "X-Forwarded-For" which says he is a proxy), but anybody can figure out what headers are you sending for your requests or copy all headers that a common browser sends by default and you will believe it is a person from a browser, but could be a bash cURL sent by a bot.
So, really, you can't know for example, if a request is an AJAX request because the headers aren't mandatory, by default your browser or your framework adds an x-requested-with or useful information to help to "guess" who is performing the request.
I have been asked to build an web-app which will have a page where the user can define the url he wants to navigate to (which is an external link) and add additional http headers he can send with that url. The web-app will be build with jsf 2.1
Which headers exactly do you need to set and what exactly are they for?
Answ: They are additional headers H-Version,H-UniqueID etc.
Is it a specific or an arbitrary external URL?
Answ: is an specific url (but it must be absolute)
And, importantingly, what exactly does the first response of a request on that external URL represent? Does it represent a full blown HTML page (thus with all relative references on it such as CSS/JS/images/links), or does it return a special response (e.g. XML/JSON or even a simple HTTP redirect)?
Answ: The target link will call another java-web-app which it's response will be html/CSS/JS/images/links..
Do you guys know any solution for this,
Many thanks!