Laravel Request cookie doesn't show JS created Cookies - laravel

I'm using JS-Cookie for setting a Cookie via the front-end.
Why can't I access it in my Laravel 5.8 application with:
dd(request()->cookies)? The Cookie is visible with the name, but the value is null. But when I do try to get the Value of the Cookie via the "normal" way, I do get the value: dd($_COOKIE['the-cookie-value-i-want']);.
How can I access the value of the Cookie via the "Laravel-way"? Which is more secure.

I know this is an old question, but you can disable encryption for specific cookies instead of disabling it for everything (which would break secure sessions).
Edit the \App\Http\Middleware\EncryptCookies class to include the following:
/**
* The names of the cookies that should not be encrypted.
*
* #var array
*/
protected $except = [
'my_frontend_cookie_name'
];
You can now access the cookie value via request()->cookie() or the Cookie::get() facade.

Only cookie created by laravel can handle by laravel.
Now here is the way you can achieve this
Go to : app > Http > Kernal.php : under $middlewareGroups array comment this
'web' => [
//\App\Http\Middleware\EncryptCookies::class,
And then try
Here is the demo
<!doctype html>
<html lang="{{ str_replace('_', '-', app()->getLocale()) }}">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Laravel</title>
</head>
<body>
{{ Cookie::get('cookie1') }}
{{ request()->cookie('cookie1') }}
<script type="text/javascript">
document.cookie = 'cookie1=test; path=/'
</script>
</body>
</html>

Related

Refused to frame '' because it violates the following Content Security Policy directive: "frame-src *" Trying to set for tel: explicity here

I'm currently trying to build a click to dial link in the browser as an Outlook Addin. I'm getting the error:
Refused to frame '' because it violates the following Content Security Policy directive: "frame-src *". Note that '*' matches only URLs with network schemes ('http', 'https', 'ws', 'wss'), or URLs whose scheme matches `self`'s scheme. tel:' must be added explicitely. [https://localhost:44371/]
I've set the meta tags a bunch of different ways trying to explicitly state the tel scheme that they mention. For instance:
<meta http-equiv="Content-Security-Policy" content="frame-src 'self' tel:">
I've tried about 20 different variations on this. I've also noticed that many people are saying something about changing the HTTP response headers, but I'm not sure exactly how to do this or even why it would be needed.
I'm working on Visual Studio using a template from their own program. Because I'm testing this out on my own computer, I've also tried to whitelist my own localhost. Still nothing.
Here is the html:
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8" />
<meta http-equiv="Content-Security-Policy" content="frame-src 'self' tel:">
<title>standard_item_properties</title>
<script src="https://appsforoffice.microsoft.com/lib/1/hosted/office.js" type="text/javascript"></script>
<link rel="stylesheet" type="text/css" media="all" href="default_entities.css" />
<script type="text/javascript" src="MicrosoftAjax.js"></script>
<script src="CallFunctionFile.js" type="text/javascript"></script>
<!-- Use the CDN reference to Office.js. -->
<script type="text/javascript" src="default_entities.js"></script>
</head>
<body>
<!-- NOTE: The body is empty on purpose. Since this is invoked via a button, there is no UI to render. -->
<div id="container">
<div><a id="tel-link">Make Call from Phone</a></div>
</div>
</body>
</html>
and here is the javascript:
// Global variables
let item;
let myEntities;
// The initialize function is required for all add-ins.
Office.initialize = function () {
const mailbox = Office.context.mailbox;
// Obtains the current item.
item = mailbox.item;
// Reads all instances of supported entities from the subject
// and body of the current item.
myEntities = item.getEntities();
JSON.stringify(myEntities.phoneNumbers[0].originalPhoneString));
// Checks for the DOM to load using the jQuery ready function.
window.addEventListener('DOMContentLoaded', (event) => {
// After the DOM is loaded, app-specific code can run.
});
let a = document.getElementById("tel-link");
a.href = "tel:" + encodeURIComponent(myEntities.phoneNumbers[0].originalPhoneString);
}

How to view data retrieved in the controller in the view?

I'm trying to retrieve data in my controller using sqlsrv database connection and I want to view the result in my test.blade.php
public function index()
{
$cout_achat = DB::table('[DWH_SOVAC_PROD_KIT_LIFE_CYCLE]')
->select( DB::raw('SUM([MONTANT_LC]) as cout_achat'))
->get();
return view('test', ['test' => $cout_achat]);
}
and the code in the view
<html lang="{{ config('app.locale') }}">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Laravel</title>
<!-- Fonts -->
<link href="https://fonts.googleapis.com/css?family=Raleway:100,600"
rel="stylesheet" type="text/css">
</head>
<body>
echo {{$cout_achat}};
</body>
</html>
but when I try to access myapp/test I get : ** Use of undefined constant test - assumed 'test' (this will throw an Error in a future version of PHP) (View: C:\wamp64\www\projetSovac\resources\views\test.blade.php) –**
About 404 the route you have provided is completely ok, can you please tell us how you are calling this route.
And please double check any typo in controller name.
Now I would like to talk about some improvement in your code
First of all is that when you return the view like this in your controller
return view('test', ['test' => $cout_achat]);
The $cout_achat will be available with name $test in your blade file. So you should try to use the same naming convention like
return view('test', ['cout_achat' => $cout_achat]);
Or simple you can use compact() laravels helper function like this
return view('test', compact(cout_achat));
It will automatically pass $cout_achat in blade.
Now for echoing the variable in balde you don't need to use echo explicitly like
echo {{$cout_achat}};
You can echo variables like
{{$cout_achat}}
Anything else will be handled automatically by blade compiler.
Hope this will help.

Recove data from xml file with ruby for manipulating

i have a problem. I must recover the data from a xml file inside my print machine becouse i want recove number of copy each day but i can see only total copy from start day of machine.
My script must recover from xml file the total copy day by day and with my manipulition the script subtracts the number each day.
I have alredy try use my little script like follow
require 'net/http'
require 'uri'
uri = URI.parse( "http://192.168.1.80/wcd/system_counter.xml" )
params = {'q'=>'cheese'}
http = Net::HTTP.new(uri.host, uri.port)
request = Net::HTTP::Get.new(uri.path)
request.set_form_data( params )
# instantiate a new Request object
request = Net::HTTP::Get.new( uri.path+ '?' + request.body )
response = http.request(request)
puts response.body
but when i try with other html page i have correctly response and i can see the code of page with my page i have this html page like response:
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Frameset//EN">
<HTML lang="en">
<HEAD>
<TITLE></TITLE>
<meta http-equiv="Expires" content="0">
<meta http-equiv="Pragma" content="no-cache">
<meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
<meta content="text/javascript" http-equiv="Content-Script-Type">
<noscript>
<meta http-equiv="refresh" content="0; URL=/wcd/js_error.xml">
</noscript>
</HEAD>
<BODY BGCOLOR="#ffffff" LINK="#000000" ALINK="#ff0000" VLINK="#000000" onload="location.replace('/wcd/index.html?access=SYS_COU');" >
</BODY>
</HTML>
When i go from browser i can see correctly number of copy.
What for your experiece the correctly mode for bypass this restriction with ruby code?
Thanks for all help.

laravel guzzle return iframe data with status code 200.

laravel guzzle return iframe data with status code 200
<html style="height:100%"><head><META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW"><meta name="format-detection" content="telephone=no"><meta name="viewport" content="initial-scale=1.0"><meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1"><script type="text/javascript" src="/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3"></script></head><body style="margin:0px;height:100%"><iframe src="/_Incapsula_Resource?CWUDNSAI=18&xinfo=3-4046903-0%200NNN%20RT%281512629675030%20501%29%20q%280%20-1%20-1%200%29%20r%280%20-1%29%20B16%288%2c881023%2c0%29%20U10000&incident_id=406002440012479652-17972015798816579&edet=16&cinfo=08000000" frameborder=0 width="100%" height="100%" marginheight="0px" marginwidth="0px">Request unsuccessful. Incapsula incident ID: 406002440012479652-17972015798816579</iframe></body></html>
But it work fine if we enter the url in browser or hit url via postman
url https://www.unocoin.com/trade?all
Try this,
$client = new Client();
$api_response = $client->get('https://www.unocoin.com/trade?all');
$responses = $api_response->getBody();
$responses = json_decode($responses, true);
// do stuff with response

regex to scan html and return the URL from a meta refresh tag

I'm trying to scan html content to find if the source code includes a meta refresh tag in order to get the URL.
Here are some of the cases of meta http-equiv="refresh" tags I've seen
<META HTTP-EQUIV="refresh" CONTENT="0;URL=https://example.de/">
<META HTTP-EQUIV="refresh" CONTENT="0; URL=https://example.com/test">
<meta http-equiv="refresh" content='0;URL=/test' />
<meta http-equiv='refresh' content='0; URL=/test' />
Here is he what I have come up with
$url = response.body.scan(/(CONTENT="0;URL=)(.*?)(">)/)
/(CONTENT="0;URL=)(.*?)(">)/ will work fine for the first instance without the space between ; and URL not for anything else.
Can someone help me with a regex that will work on all 4 scenarios?
Try this out:
$url = response.body.scan(/(CONTENT|content)=["']0;\s?URL=(.*?)(["']\s*\/?>)/)

Resources