This question already has answers here:
How to resolve 'preflight is invalid (redirect)' or 'redirect is not allowed for a preflight request'
(6 answers)
Closed 1 year ago.
This cors issue will be the death of me. Anyways I am trying to trouble shoot why the spatie/cors package works locally but does not in production. If anybody has experience with this I would appreciate the help!! I am trying to access my backend but getting an alarm saying
my url has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request
Your URL https://aewcpa.traxit.pro/api/account is returning a 301 redirect to https://traxit.pro/api/account for the CORS OPTIONS request, which is causing this issue.
You can see this in action in your browser's network console, or with cURL:
curl -I 'https://aewcpa.traxit.pro/api/account' -X OPTIONS -H 'Access-Control-Request-Method: GET' -H 'Referer: https://aewcpa.traxit.io/login' -H 'Origin: https://aewcpa.traxit.io'
HTTP/2 301
server: nginx/1.15.6
date: Fri, 21 Dec 2018 18:14:36 GMT
content-type: text/html
content-length: 169
location: https://traxit.pro/api/account
Related
I checked the answered question here but this doesn't work for me because as per the below curl command, there is no matching method in my controller.
"curl -X TRACE localhost:8080"
This curl command gives me a success response (/error is because there is no matching end point)
TRACE /error HTTP/1.1
host: localhost:8080
user-agent: curl/7.85.0
accept: /
I was expecting to see a 405 error response.
Is there some application property that I could use to achieve this?
I am using SIM800 to send HTTP Post request to a remote InfluxDB database. I have successfully sent HTTP Post request to the database from my computer using Curl as shown below.
01:~$ curl -i -XPOST 'http://<ip address>:8086/write?db=mydb' --data-binary 'location,host=server01,region=us-west value=0.99'
HTTP/1.1 204 No Content
Content-Type: application/json
Request-Id: 3c958273-edb2-11eb-88ca-000000000000
X-Influxdb-Build: OSS
X-Influxdb-Version: 1.6.3
X-Request-Id: 3c958273-edb2-11eb-88ca-000000000000
Date: Mon, 26 Jul 2021 01:38:54 GMT
After that when I tried using SIM800, I received 400 Bad Request after executing AT+HTTPACTION=1 . The remote server responded with "+HTTPACTION: 1,400,0" . Below are the AT Commands.
AT+SAPBR=3,1,"CONTYPE","GPRS"
AT+SAPBR=3,1,"APN","myAPN"
AT+SAPBR=1,1
AT+HTTPINIT
AT+HTTPPARA="CID",1
AT+HTTPPARA="URL","http://<ip address>:8086/write?db=mydb"
AT+HTTPPARA="CONTENT","application/json"
AT+HTTPPARA="USERDATA","location,host=server01,region=us-west value=0.55"
AT+HTTPDATA=300,5000
AT+HTTPACTION=1
AT+HTTPREAD
AT+HTTPTERM
AT+SAPBR=0,1
Besides that, i captured the packets when SIM800 sent http post request but could not find the http post body.
The http post body can be seen in the captured packets when sending http post using Curl.
I appreciate if anyone can shed some light on this matter. Thank you in advance.
I managed to get it to work. Here are the AT commands:-
AT+SAPBR=3,1,"CONTYPE","GPRS"
AT+SAPBR=3,1,"APN","myAPN"
AT+SAPBR=1,1
AT+HTTPINIT
AT+HTTPPARA="CID",1
AT+HTTPPARA="URL","http://<ip address>:8086/write?db=mydb"
AT+HTTPPARA="CONTENT","application/json"
AT+HTTPDATA=48,5000
location,host=server01,region=us-west value=0.55
AT+HTTPACTION=1
AT+HTTPREAD
AT+HTTPTERM
AT+SAPBR=0,1
after executing the AT+HTTPDATA, quickly execute the HTTP data (location,host...).
I'm currently attempting to write a basic client that listens to events from (enterprise) github, and makes API calls accordingly.
The problem I have is that I can't manage to get the PubSubHubbub client configured. I thought it was the client/authentication I'm using, but I now can't get the basic call from the docs working!
In an attempt to work out what I'm doing wrong, I'm making a curl request to my normal github account:
curl -u "joepym" -i \
https://api.github.com/hub \
-F "hub.mode=subscribe" \
-F "hub.topic=http://github.com/JoePym/faraday/events/push" \
-F "hub.callback=*callbackurl*"
and I'm getting back
HTTP/1.1 100 Continue
HTTP/1.1 422 Unprocessable Entity
Server: GitHub.com
Date: Wed, 08 May 2013 18:13:24 GMT
Content-Type: application/json; charset=utf-8
Connection: keep-alive
Status: 422 Unprocessable Entity
X-RateLimit-Limit: 5000
X-RateLimit-Remaining: 4989
X-GitHub-Media-Type: github.beta
X-Content-Type-Options: nosniff
Content-Length: 38
{
"message": "Invalid event: nil"
}
This invalid event message is what my main client is also getting when I attempt to call my enterprise github account with enterprise credentials.
Has anyone encountered this before?
Try using https://github.com/JoePym/faraday/events/push as your hub.topic. Note that we are now using 'https'.
I simply would like to automate posts to Facebook for certain events to my corporate Facebook Page. It seems as though it should be straightforward from what I've read thus far, however I am running into a roadblock.
An example of some code I have and the error is as follows:
user = FbGraph::User.me(access_token)
user = FbGraph::User.fetch('PageName')
FbGraph.debug! # yields true
user.feed!(
:message => 'Updating via FbGraph',
:link => 'https://domain.tld',
:name => 'PageName',
:description => 'This is a test post to be deleted'
)
This returns the following error:
======= [FbGraph] API REQUEST STARTED =======
POST /234062246478665/feed HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Content-Length: 124
Host: graph.facebook.com
message=Updating+via+FbGraph&link=https%3A%2F%2Fdomain.tld&name=PageName&description=This+is+a+test+post+to+be+deleted
--------------------------------------------------
Status: 403 Forbidden
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Type: text/javascript; charset=UTF-8
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Pragma: no-cache
WWW-Authenticate: OAuth "Facebook Platform" "insufficient_scope" "(#200) This API call requires a valid app_id."
X-FB-Rev: 541309
X-FB-Debug: JN9/Vt8MN24GNUL34l8TE2cDuCRZZehdUTx2KkOrHQ8=
X-Cnection: close
Date: Mon, 16 Apr 2012 18:55:20 GMT
Content-Length: 0
{"error":{"message":"(#200) This API call requires a valid app_id.","type":"OAuthException","code":200}}
======= [FbGraph] API REQUEST FINISHED =======
/Users/username/.rvm/gems/ruby-1.9.3-p125#all/gems/fb_graph-2.4.10/lib/fb_graph/exception.rb:55:in `handle_httpclient_error': OAuthException :: (#200) This API call requires a valid app_id. (FbGraph::Unauthorized)
from /Users/username/.rvm/gems/ruby-1.9.3-p125#all/gems/fb_graph-2.4.10/lib/fb_graph/node.rb:145:in `handle_response'
from /Users/username/.rvm/gems/ruby-1.9.3-p125#all/gems/fb_graph-2.4.10/lib/fb_graph/node.rb:54:in `post'
from /Users/username/.rvm/gems/ruby-1.9.3-p125#all/gems/fb_graph-2.4.10/lib/fb_graph/connections/feed.rb:15:in `feed!'
from ./test_script.rb:168:in `block in <main>'
from /Users/username/.rvm/gems/ruby-1.9.3-p125#all/gems/nokogiri-1.5.2/lib/nokogiri/xml/node_set.rb:239:in `block in each'
from /Users/username/.rvm/gems/ruby-1.9.3-p125#all/gems/nokogiri-1.5.2/lib/nokogiri/xml/node_set.rb:238:in `upto'
from /Users/username/.rvm/gems/ruby-1.9.3-p125#all/gems/nokogiri-1.5.2/lib/nokogiri/xml/node_set.rb:238:in `each'
from ./test_script.rb:85:in `each_with_index'
from ./test_script.rb:85:in `<main>'
On developers.Facebook.com/apps -> Settings -> Auth Dialog I am setting the Extended Permissions to include publish_stream and status_update.
I have found that curl access with the same token does indeed work as follows:
curl -F 'access_token=MY_BIG_OLE_LONG_TOKEN' -F 'message=testing message' https://graph.facebook.com/MyPage/feed
Am I missing the setting of a permission somewhere or not calling the api correctly with the fb_graph ruby gem?
You need to check out documentation for page of graph API. Check the field access_token which manages_pages. You need to set this option in the extended_permission. The key here is getting the right token. The token in the text field may not work most of the time. You need to send GET request to https://graph.facebook.com/YOUR_PROFILE_ID/accounts to obtain the correct token. Seems like you already got the correct one.
I have used koala gem before. As posted here.
page_graph = Koala::Facebook::GraphAPI.new(#access_token)
page_graph.put_object('MyPage', 'feed', :message => 'This is posted as the page')
Well I must say facebook's API documentation lacks the developer friendliness. You need to dig deep for getting even the simplest things to work.
I hope this will help you to get started with automating the FB posts.
I can browse the page by browser, but I can't download the html page by wget.
https://money.benck.tw
When I use wget, it can't even connect to the website:
--2011-10-12 05:30:24-- https://money.benck.tw/
Resolving money.benck.tw... 97.107.135.68
Connecting to money.benck.tw|97.107.135.68|:443... failed: Connection timed out.
Retrying.
--2011-10-12 05:33:35-- (try: 2) https://money.benck.tw/
Connecting to money.benck.tw|97.107.135.68|:443...
However, I can download the other https website like: https://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js
It's very weird.
For this website you have to use the --no-check-certificate command
wget --no-check-certificate https://money.benck.tw
I'm experiments the same issue, I trying to download files from an external site like https://downloads.wordpress.org/plugin/easy-wp-smtp.zip and I wget using --no-check-certificate stills not working.... It's freezing in this line:
Connecting to downloads.wordpress.org (downloads.wordpress.org)|198.143.164.250|:443...
Anyone have the same issue?
No IP tables configured and rules. When I do this on other server on the same networks works fine. This only happens on this server specialy.
Regards,
Francisco Yu
This is because of this page is probably scraped by wget too often. You need to modify headers, especially useragent.
Examples from other website:
--no-check-certificate does not hepls
wget --no-check-certificate "https://www.money.pl/pieniadze/depozyty/walutowearch/1921-02-05,2021-02-05,LIBORCHF3M,strona,1.html" --2021-02-05 17:05:34-- https://www.money.pl/pieniadze/depozyty/walutowearch/1921-02-05,2021-02-05,LIBORCHF3M,strona,1.html
Loaded CA certificate '/etc/ssl/certs/ca-certificates.crt'
Resolving www.money.pl (www.money.pl)... 212.77.101.20
Connecting to www.money.pl (www.money.pl)|212.77.101.20|:443... connected.
HTTP request sent, awaiting response... 403 Forbidden
2021-02-05 17:05:34 ERROR 403: Forbidden.
but other tool to download sendign other headers works
http -h "https://www.money.pl/pieniadze/depozyty/walutowearch/1921-02-05,2021-02-05,LIBORCHF3M,strona,1.html"
HTTP/1.1 200 OK
Cache-control: max-age=60, public,stale-while-revalidate=5
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 20756
Content-Security-Policy: upgrade-insecure-requests;
Content-Type: text/html; charset=iso-8859-2
Date: Fri, 05 Feb 2021 16:04:16 GMT
Link: <https://money.wp.pl/dGxwOTV0SyYZFTlneUtGM1pNbSY9EkhlJ1V1dglvOxgnKBALCW87GCcoEAsJbzsYJygQCwlvOxgnKBALCW87GCcoEAsJbzsYJygQCwlvOxgnKBALCW87GCcoEAsJbzsYJygQCwlvOxgnKBALCW87GCcoEAsJbzsYJygQCwlvOxgnKBALCW87GCcobXh0RUZ9WlgoNTAeDjRHBTlpZxYWIhMeKydrAld1TER2ciZYECoUSjgjIR4JKBYSNnomXEF1TUUJJD9VCi4ZEzUxcwJRdT4TKiQ5Sh0zAVJ9YWR2EyYUAjs7IVUFNRsfamZjAiJ2QUV-eWYCSXdNUn1hZHNWd0pGYmRkHVRyXUV6ZhV8LQU3JQwcEAMpYkpCfRclRBYoFhZqZmMCJ3ZWHzs5OhY0EDkoLjA0VFl1XgQ_PTgNKRMbQgIuB0lCIRQEOzUiWQB6XhYrIgVcCzMLSn9lZhYHJBkDKjM5Qh16DxYjISJJRjo=>;rel="preload";as="script";
Server: nginx
Set-Cookie: mny_ver2=v8c;Domain=.money.pl;Path=/;Max-Age=2592000;
Vary: Accept-Encoding