I'm trying to adapt this tutorial to my server using the Bucket4j Spring Boot Starter.
I'm using an application.properties file.
I can limit the api queries with no problem, but the client doesn't get a 429 error, on the client I get a CORS error.
I figure this is because I'm not adding a header to my server response when I'm limiting the api queries, but is there any way to add this throught the application.properties template?
On the official documentation there is a value called "bucket4j.filters[0].http-response-headers.<MY_CUSTOM_HEADER>=MY_CUSTOM_HEADER_VALUE" but I can't figure how to use it, did anybody use it?
Thanks
You can avoid CORS errors by adding the proper header:
bucket4j.filters[0].http-response-headers.Access-Control-Allow-Origin="https://<clientUri>:<clientPort>"
and if you are using some form of authentication you may want to also add this:
bucket4j.filters[0].http-response-headers.Access-Control-Allow-Credentials=true
Related
I am using Shopify and I'm making an ajax get request to a different server. I have just implemented it so I'm testing it on the console. The request is getting through and I'm getting the response I want but I am also getting the following message:
[Report Only] Refused to connect to 'https://myurl.com/ApiClientes/ciudades' because it violates the >following Content Security Policy directive: "connect-src 'self' *.shopifycloud.com .shopifysvc.com >.amazon.com *.paypal.com *.facebook.com sessions.bugsnag.com analytics.tiktok.com bat.bing.com >www.google-analytics.com ct.pinterest.com stats.g.doubleclick.net".
I would like to get rid of it. Don't know what it is or what it means. I could really use some help. Thanks in advance :)
To handle this issue, don't make direct request to third-party server instead create one url at 'https://yourdomain.com/anypath/handlereqeust?r={requestURL}' to handle all the requests from Shopify store
Then make request to Shopify app as mentioned in this link: https://shopify.dev/apps/online-store/app-proxies
Im using tomcat 8.5 with RestTemplate to consume iFood API, but i always get 500 error.
My localhost is already using a keystore generated file and configured with toncat.
With other api that uses only HTTP im having no problem.
But i cant make the iFood api with HTTPS work.. IF some one can help me.
Note: I can get the token, but when trying to use eventpolling endpoint i just get the error 500.
Thanks for all the comments, but i found the error.
The problem was that in the iFood API endpoint description, it has a char code inside the url.
The exemples use it normaly, calling from Postman no problem, but when using on Tomcat the char code generates a url error, unfortunately, with no feedback or usable error mesage.
Changing the char code to the corresponding character the problem was solved.
I'm currently developing grafana plugin using Angular-1 and ES6, retrieving data from REST API and representing them in grafana. The problem is that as far as grafana plugin is working within the browser, it sends ajax calls to our REST API and they are blocked:
No 'Access-Control-Allow-Origin' header is present on the requested resource. The response had HTTP status code 401.
We were required to solve this issue without adding that header on the REST API side. One simple solution was to use corsproxy.
But I'm curios to know whether there is some other way to use REST API within grafana. If I set up some datasource to my plugin, will it work as a kind of backend or my calls to REST API will still be AJAX calls?
This is the responce i am getting when trying to upload a file from my client(PHP),My server is on WebApi which is hosted in one server.In my webapi i have allowed all CORS related things still i am getting this error.
Have you checked this tutorial?
Maybe when you say
In my webapi i have allowed all CORS related things
you didn't do that correctly, or maybe you enabled too many options at the same time.
It's hard to give you more details without access to your actual configuration.
There are also many posts on the same subject here on SO, have you checked them?
I'm trying to migrate to Revocable Sessions with Parse. I haven't enabled it yet in the console because all my clients don't fully support it yet, but I was following Parse's blog post on migration and added X-Parse-Revocable-Session to my header using Parse's REST API. When I make the call I get the following back:
Request header field X-Parse-Revocable-Session is not allowed by Access-Control-Allow-Headers.
Then I checked the response header and noticed the following coming back from Parse:
Access-Control-Allow-Headers:X-Parse-REST-API-Key, X-Parse-Application-Id, X-Parse-Client-Version, X-Parse-Session-Token, X-Requested-With, Content-Type
X-Parse Revocable-Session isn't in the list. Has anyone been able to get it working using the REST API? Am I missing something?
This is a bug on Parse side and has been confirmed by the team. https://developers.facebook.com/bugs/322026507921274/ . It will sorted soon.