So I'm working on a service that calls a subreddit and requests the hottest articles in JSON. Now Reddit likes that anyone using the reddit API modifies their User-Agent Header to be descriptive (here's a link on the format).
So using Node.JS and the Request plugin, I wrote something like this
var subreddit = 'somesupercoolsubreddit';
var stories = '5';
var options ={
url : url.parse(REDDIT_URL+"/r/"+subreddit+"/hot.json"+"?"+"limit="+stories),
headers : {'User-Agent' : 'Super Cool Reddit Service for Local Widgets! by /u/mrkaiser'},
json: true
};
request(options,function(err,response,body){
serverResponse.send(body);
});
But how do I know this worked? Is there some way to know if request header actually got populated or if Reddit got the right User-Agent?
Create another node script that waits for connections and outputs the headers. Change your reddit script to temporarily call the new script and verify the headers.
Related
not sure if I picked the right terminology, what I want to do is the following:
A node.js module receives http requests of all kinds (GET, PUT, POST ...). It should take these requests and route them to a different URL but keep all other input parameters as it received it.
The response coming in should then be handed back to the calling party.
I realized it with express and https modules for a simple GET and it worked. Before I start coding down the remaining stuff I was wondering if there is a module available for such a URL "redirect"?
Example:
http://server1/api/[parameters] + [body] => https://server2/api/[parameters] + [body]
and handing the response back.
Hope I was able to explain.
To redirect someone to another url you can use the code below:
response.writeHead(302, {
'Location': 'your/404/path.html'
//add other headers here...
});
response.end();
with this response you must also include the appropriate status code for redirection(301, 303) according to your situation.
You can see full list of status codes here:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Status
I'm trying to validate a webhook via facebook. So facebook hits my url my-url/facebook/receive within my route in nodejs i'd do res.send(req.query['hub.challenge']); to send an http response.
I'm using KoaJS. From what i understand, Koajs merges the request and response object into ctx but when reading through the docs I can't find anything along the lines of ctx.send or similar to send a http response.
Can anyone give me some direction or links.
Thanks.
To send the body of a response, you can simply do ctx.response.body = 'Hello'. There are many aliases attached to ctx, so you don't necessarily have to reference the response or request yourself. Doing ctx.body = 'Hello' would be the same as the code above.
If you wanted to set headers, you would use the ctx.set() method. For example: ctx.set('Content-Type', 'text/plain').
To access the query parameters, you would use ctx.request.query['some-key'] (or simply the alias ctx.query['some-key']).
All of the different request/response methods are documented pretty well at the Koa website along with a list of aliases attached to ctx. I highly recommend you give it a read.
I'm currently developing my app and I'm at the stage where I can start testing messages from Twilio. I configured my server on digital ocean with a public facing IP address and my Nodejs app is listening to calls from Twilio.
I also configured my phone number's message "request url" to "http://username:password#198.xxx.xxx.xxx/messages" with "HTTP POST".
When I debug the headers, I don't see the "authorization" headers. I'm I missing something here?
Any help is much appreciated!
Below is the code.
var headerValues = bag.req.headers.authorization.split(' ');
console.log(bag.req.headers);
var scheme = headerValues[0];
if (scheme === 'Basic') {
var credentials = headerValues[1];
var decoded = new Buffer(credentials, 'base64').toString().split(':');
bag.req.creds = {
userName: decoded[0],
password: decoded[1],
authType: 'basic'
}
}
I use the same setup as you do in several call centers I have built.
If you are using a proxy setup which requires username:password# before the IP address then your issue is likely with that proxy if you can access the code by going directly to the actual server ip address as I note below. However, you did not mention using a proxy just using a digital ocean droplet so I am responding assuming you do not have a proxy setup.
So if you do have a proxy setup make sure you can access the IP address of the server directly first.
Also if those are just extra variables you need to pass over you may be better off appending them after the IP address
for instance xxx.xxx.xxx.xxx/username/password
Then get them with req.params
for instance (and yes this will work with post data since its merely part of the URL and not an actual get command post)
router.post('/sms/:username/:password'), function(req, res, next){
username = req.params.username;
}
First you would not want to direct your request URL at "http://username:password#198.xxx.xxx.xxx/messages" with "HTTP POST".
If you do not have a domain directed at your IP address yet you want your request URL to be
https://198.xxx.xxx.xxx/inbound/sms
{Replacing /inbound/sms with whatever route you are using}
Then at the top of your route (I am using express so my setup may look different than your)
I have the node.js twilio library
, twilio = require('twilio')
, capability = new twilio.Capability(sid, auth)
, client = require('twilio')(sid, auth)
Then here is an example of my /sms route
router.post('/sms', function(req, res, next){
var sid = req.body.SmsSid;
var from = req.body.From;
var to = req.body.To;
var date = Date();
var body = req.body.Body;
if(req.body.NumMedia > 0){
code to handle MMS
}
Code to handle SMS data
res.send("Completed");
});
I ran into this this week and discovered that behavior surrounding Basic Auth in the URL is very cloudy. For one thing, it appears to be deprecated from the URI spec as it pertains to HTTP:
...
3.2.1. User Information
...
Use of the format "user:password" in the userinfo field is deprecated.
...7.5. Sensitive Information
URI producers should not provide a URI that contains a username or password that is intended to be secret. URIs are frequently displayed by browsers, stored in clear text bookmarks, and logged by user agent history and intermediary applications (proxies). A password appearing within the userinfo component is deprecated and should be considered an error (or simply ignored) except in those rare cases where the 'password' parameter is intended to be public.
...
Because of this, both Firefox and Chrome appear to just strip it out and ignore it. Curl, however, seems to convert it to a valid Authorization header.
Whatever the case, I believe this functionality is actually the responsibility of the HTTP user agent, and it appears that Twilio's user agent is not doing its job. Thus, there is no way to make basic auth work.
However, it appears Twilio's preferred method of auth is to simply sign the request using your account's secret auth key, which you can then verify when handling the request. See here.
On researching the raw NodeJS Request and IncomingMessage classes, there appears to be no way to get at the full, raw URL to compensate for Twilio's non-conformity. I believe this is because the actual data of an HTTP request doesn't contain the full URL.
My understanding is that it's actually the HTTP user agent that's responsible for extracting and formatting the auth info from the URL. That is, a conformant HTTP user agent should parse the URL itself, using the hostname and port portion to find the right door on the right machine, the protocol portion to establish the connection with the listener, the verb combined with the URL's path portion to indicate what functionality to activate, and presumably it is then responsible for converting the auth section of the URL to an official HTTP Authorization header.
Absent that work by the user agent, there is no way to get the auth data into your system.
(This is my current understanding, although it may not be totally accurate. Others, feel free to comment or correct.)
I am building a web api with Express and have not found information on accessing incoming custom request headers.
I will be expecting, for instance, that an incoming post request have a provider_identifier header. When I receive the request, I need to access that header information to validate their subscription.
Can someone point me in the right direction/provide advice on this?
router.post('myendpoint/', function(req, res){
var providerId = req.????;
});
Answering my own question here... was kindof a DUH moment for me.
Using above example, simply reference the headers collection like so:
var providerId = req.headers.provider_identifier;
One note: Use an underscore rather than a dash. "provider-identifier" doesn't work, but "provider_identifier" does.
i' m a bit new to Node, so question may be stupid...
I am sending a POST request to a website (through http.request) and I want to be able to use the invisible POST data I get along the response.
I hope this is achievable, and I think so since I am able to preview those data in Chrome debugger.
PS : I understand that we can use BodyParser to parse and get those while listening for a POST call server side, but I have found no example of how to use it coupled with an http.request.
Thanks !
If the body of the HTTP response contains JSON, then you need to parse it first in order to turn it from a string into a JavaScript object, like this:
var obj = JSON.parse(body);
console.log(obj.response.auth_token);
More info on various ways of sending a POST request to a server can be found here: How to make an HTTP POST request in node.js?
Edit : So we figured it out in the comments. The value I needed was in the form to begin with, as a hidden field. My error was to think it was generated afterward. So I'll just grab it first then login, so I can use it again for future POST requests on the website.