Let's consider a scenario like below:
User selects filter button which create a AJAX call to a symfony2 controller and return the result in JSON format.
User select some other links and system will redirect him to the page
User select browser Back button.
User will see JSON response, but he should see the original page.
My controller look like below :
/**
*
*
* #Route("/ajax", name="ajax_route" , options={"expose"=true})
* #Template()
*/
public function someAction()
{
$request = $this->getRequest();
$json = array( );
if($request->isXmlHttpRequest())
{
$res = json_encode($json);
return new Response($res , 200 , array( 'Content-Type' => 'application/json' ));
}
return array( );
}
In other words, if user press back button the if($request->isXmlHttpRequest()) returns true which is not the result I am looking for. Is it a normal behavior or what ?
Symfony\Component\HttpFoundation\Request::isXmlHttpRequest() is a simply utility-method that checks whether HTTP request came up with X-Requested-With header with value XMLHttpRequest. So it's as reliable as X-Requested-With header is.
However, this is not really important. The important thing to notice is the fact that when the user clicks on the back button the browser does not send a new HTTP request to the server. It just restores the page from its internal memory/cache.
I understand that this is an old question, but the same issue just caught me so I figured I'd write up an answer anyway.
In most scenarios, you can invalidate the back button cache by attaching an onUnload handler to the window, like so:
window.addEventListener('unload',function(){});
or, if you prefer jQuery:
$(window).unload(function(){});
but, since your AJAX response is in JSON, that's obviously not possible since you can't include script fragments. In this case, I think the best idea is to set the cache-control: no-store header so the browser wont attempt to cache the result.
You can do that in the OP's case with Symfony2 using:
return new Response($res , 200 , array(
'Content-Type' => 'application/json',
'Cache-Control' => 'no-store',
));
or for more general PHP:
header('Cache-Control: no-store');
There's a caveat here in that it may degrade your performance quite a bit, depending on your app's structure, in which case your best bet would probably be to just use a different URL for your AJAX call. Sucks, I know.
You can find some documentation on the bfcache here, which may be more helpful in different cases.
The browser caches the response using just the url and the request method (GET, POST, etc) as the key.
If you want the browser to recognize additional variations, you can tell it to do so by setting the Vary header in your response. So in your case, you want to tell the browser that the response from the server will vary depending on whether or not the 'X-Requested-With' header was set in the request.
Here's how to do it:
$response = new Response();
$response->setVary("X-Requested-With"); // <=========== Set the Vary header
if($request->isXmlHttpRequest()) {
//...
}
return $response;
Note: that you want to set the Vary header on both versions of the response (this is why I've set it outside of the if statement).
Related
I'm working with a legacy Cakephp 2 app and need to create users via AJAX post on another domain.
I've got the whole thing working nicely in my local environment but have been battling with my prod environment.
I am using Postman to form a consistent Post request and setting the various headers as well as setting data values.
Locally:
I send a post request to a URL and var_dump the entire request object into the response. I can see that my data is populated. $this->request->data['email'] returns exactly what I expect.
Production:
I deploy the exact same code and my data array is completely empty.
I have set my Access-Control-Allow headers and I'm not getting any authisation issues. I can interact with the request within the application but I can not access any data. The request is the same request just a different endpoint.
I am running identical versions of PHP and exactly the same codebase.
Can anyone think of any environmental factors that might affect the request data?
This is my controller code in brief:
public function remoteadd() {
var_dump($this->request);
if ($this->request->is('ajax')) {
$this->disableCache();
$this->autoRender = false;
$this->response->type('json');
$this->User->create();
$gen_pass = $this->generatePassword();
$this->request->data['password'] = $gen_pass;
$emailAddr = $this->request->data['email'];
// Check if this email exists
$conditions = array(
'User.email' => $emailAddr,
);
if (!$this->User->hasAny($conditions)) {
if ($this->User->save($this->request->data)) {
$this->response->statusCode(200);
$this->response->body(json_encode(
array('status' => 'success', 'message' => 'New account successfully created')
));
}
} else {
$this->response->statusCode(500);
$this->response->body(json_encode(
array('status' => 'error', 'message' => 'Email address already exists')
));
}
$this->response->send();
$this->_stop();
}
}
It seems like the issue related to CORS preflight. Two requests are actually triggered. The first is a preflight which given my controller action is not returning any data as it's not actually a legitimate post request. The second request/response has the data appropriately loaded as expected.
I have such a route in my routes/web.php
Route::resource('/api/surveys', 'SurveyController');
As documentation says, it creates all needed routes for API. This is a function, that gets executed when I go for /api/surveys route:
public function index()
{
$request = request();
if(!$request->hasHeader('token')) {
return "No auth token found.";
}
$tokenCheck = $this->userService->isTokenValid($request->header('token'));
if($tokenCheck !== true) {
return $tokenCheck;
}
return $this->surveyService->all();
}
What it does, it checks if token header parameter is set, if not, it returns an error, if yes, it checks if token is valid and etc. if everything is OK, it should return surveys from database.
public function surveys() {
$request = \Request::create('/api/surveys', 'GET');
$request->headers->set('Accept', 'application/json');
$request->headers->set('token', \Cookie::get('token'));
$response = \Route::dispatch($request);
print_r('<pre>');
print_r($response);
print_r('</pre>');
}
I have a website, that should use that API I just created to get all survey records. I create a new request object, set header "token" with token I get from a cookie and then try to dispatch and get a response. But the problem is that everytime I get "No auth token found." error. That means $request->hasHeader('token') returns false, even tough I set it here in my request. If I print_r $request->all() in Restful controller, I get an empty array.
I tried Postman to access this API with token parameter, and it works fine in postman, but here, it seems that Request disappears while it travels to API controller.
What I did wrong here?
When you manually create a request and dispatch it, that works to get the routing to call the correct controller, however that does not affect the request that is bound in the container.
When your "fake" request is handled by the api controller, the request that it pulls out of the container is the original "real" request that was made by the user.
Instead of dispatching the route with your new request, you will need to app()->handle($request) the new request. This, however, will completely replace the original "real" request with your new "fake" request, so everything from the original request will be lost.
Having said all that, this method of consuming your own api is discouraged, even by Taylor. You can read his comment on this Github issue. So, consuming your own api like this may work, but you may also run into some other unforeseen issues.
The more appropriate solution would be to extract out the logic called by the api routes to another class, and then call that extracted logic from both your api routes and your web routes.
I am new to Laravel and I am trying to set up some basic routing logic. I have a route that will process a certain URL pattern. These URLs will usually be an ajax request (returning data for a popup window). However, search engines and users with javascript disabled will follow a normal link, so I want the data to be returned on a separate page. To do this, I need to determine if the request is ajax. I understand I can do this using:
if(Request::ajax()){
//
}
My plan was to do this as part of a 'before' filter attached to the route. If my thinking is correct, I would need to return a boolean ajax=true/false back from the filter. Maybe this is a very simple question, but I can't find anywhere that explains how you actually return a value like this from a filter? Everything I can find seems to assume that the default outcome of any filter logic must be a redirect.
Thanks
EDIT: I've come to the conclusion that I am simply not using the filtering method in the way it was intended, and simply placing the handler in my controller method. But I would still like to know if it is possible to return data from a filter.
In a controller:
if(Request::ajax()){
return Response::json(['message' => 'Hi. Your request was ajax!', 'status' => 1]);
}
The simple solution I found for that is to use Session::flash which populates data for the next request only and you can easily get the result anywhere. So for example :
Route::filter('something', function() {
if(false) {
View:make('error); // or whenever you want
} else {
return Session:flash('result_var', $my_result_var);
}
});
I am trying to cache static content, I want this content is have a lifetime of one hour and the content is public, it is the same for everyone.
I have the following code in my controller:
$response = new Response();
$response->setPublic();
$response->setMaxAge(3600);
$response->setSharedMaxAge(3600);
if ($response->isNotModified($request)) {
return $response;
}
return $this->render(
'ThemesBundle:Ad:content.html.twig',
array('context' => $context, 'block' => $block),
$response
);
But the isNotModified() function always returns false.
PS: I am using Symfony 2.0.22
You made a mistake, $response->isNotModified($request) is used only when using cache validation with a ETag or a Last-Modified test!
Here, you want to use expiration methods (with Cache-Control or Expires).
So just remove theses lines :
if ($response->isNotModified($request)) {
return $response;
}
$response->setMaxAge(3600); (and setSharedMaxAge) alone will do the job, you don't need to test anything, the framework (or client navigator) will do it for you.
The same response will be served during 3600 second without passing by the action. After 3600 seconds, the user will pass by the action anew and it will be cached for 3600 seconds, etc.
In addition, you can use #Cache annotation which simplify the read ;)
This a screen shot of what I get when I call my ajax request:
How do I run only the task, without printing the whole page? This is my ajax call:
$.ajax
({
type: "POST",
url: "index.php?option=com_similar&task=abc",
data: {
id: id,
name: name,
similar_id: similar_id,
},
cache: false,
success: function(html)
{
$("#flash").fadeOut("slow");
$("#content"+similar_id).html(html);
}
});
});
$(".close").click(function()
{
$("#votebox").slideUp("slow");
});
});
Don't go with exit or die, Joomla! has it's nice way of dealing with this stuff.
The answers below are tested in Joomla! 2.5 & 3 (for 1.5. may work as well).
General
Your URL for the task needs to look like this:
index.php?option=com_similar&task=abc&format=raw
You than create the controller which will use the view, let's say Abc, which will contain the file view.raw.html (identical to a normal view file).
Below you have the code for generate a raw HTML response:
/controller.php
public function abc()
{
// Set view
JRequest::setVar('view', 'Abc');
parent::display();
}
/views/abc/view.raw.php
<?php
defined('_JEXEC') or die;
jimport('joomla.application.component.view');
class SimilarViewAbc extends JView
{
function display($tpl = null)
{
parent::display($tpl);
}
}
/views/abc/tmpl/default.php
<?php
echo "Hello World from /views/abc/tmpl/default.php";
Note: This is the solution I would use if I had to return HTML (it's cleaner and follows Joomla logic). For returning simple JSON data, see below how to put everything in the controller.
If you make your Ajax request to a subcontroller, like:
index.php?option=com_similar&controller=abc&format=raw
Than your subcontroller name (for the raw view) needs to be abc.raw.php.
This means also that you will / may have 2 subcontrollers named Abc.
If you return JSON, it may make sense to use format=json and abc.json.php. In Joomla 2.5. I had some issues getting this option to work (somehow the output was corrupted), so I used raw.
If you need to generate a valid JSON response, check out the docs page Generating JSON output
// We assume that the whatver you do was a success.
$response = array("success" => true);
// You can also return something like:
$response = array("success" => false, "error"=> "Could not find ...");
// Get the document object.
$document = JFactory::getDocument();
// Set the MIME type for JSON output.
$document->setMimeEncoding('application/json');
// Change the suggested filename.
JResponse::setHeader('Content-Disposition','attachment;filename="result.json"');
echo json_encode($response);
You would generally put this code in the controller (you will call a model which will return the data you encode - a very common scenario). If you need to take it further, you can also create a JSON view (view.json.php), similar with the raw example.
Security
Now that the Ajax request is working, don't close the page yet. Read below.
Don't forget to check for request forgeries. JSession::checkToken() come in handy here. Read the documentation on How to add CSRF anti-spoofing to forms
Multilingual sites
It may happen that if you don't send the language name in the request, Joomla won't translate the language strings you want.
Consider appending somehow the lang param to your request (like &lang=de).
New in Joomla 3.2! - Joomla! Ajax Interface
Joomla now provides a lightweight way to handle Ajax request in a plugin or module. You may want to use the Joomla! Ajax Interface if you don't have already a component or if you need to make requests from a module your already have.
If you just want to include the response output in some HTML element, append format=raw to your URL as mentioned above. Then you could have a controller function like this:
function abc(){
//... handle the request, read variables, whatever
print "this is what I want to place in my html";
}
The AJAX response will output everything you printed / echoed in the controller.