When I use a URL Pattern in the url field of chrome.cookies.get, I am not able to retrieve a cookie. When I type in a full URL, I am able to get the cookie. Is it not possible to use a url pattern in the url field of chrome.cookies.get?
Basically, I am trying to show a certain div when the user first logs into the site, but only the first time. I figured I can achieve this by checking the session, and it looks like the JWT token changes on each new session.
I tried this:
chrome.cookies.get({url: '*://www.mysite.com/*', name: 'JWT'}, function (cookie) {...} but it doesn't seem to work.
Do I need to use a full path? On https://developer.chrome.com/extensions/cookies#method-getAll it says
The URL with which the cookie to retrieve is associated. This
argument may be a full URL, in which case any data following the URL
path (e.g. the query string) is simply ignored. If host permissions
for this URL are not specified in the manifest file, the API call will
fail.
The 'may be a full URL' part makes me believe that you should be able to use a pattern in the URL field.
In my manifest file, I have
"webRequest",
"activeTab",
"storage",
"alarms",
"tabs",
"cookies",
"webNavigation",
"pageCapture",
"desktopCapture",
"tabCapture",
"http://*/*",
"https://*/*"
],
"https://*/*" should be able to match *://www.mysite.com/*.
Again, when I put the full url into the url field, I am able to get the cookie.
Related
In IIS I need to rewrite some URLs of the following format ...
https://intranet.test.ch/default.asp?rq_AppGuid=1797F2EBEDBAA87403CF202FD726B63FBB064C02&rq_TargetPageGuid=3851012A27819643BB79B647961B0D668FB9FD08&rq_RecId=31333535&rq_Lang=de
to
https://intranet.test.ch/doc/1355
From the first URL the ID is URL encoded 31333535 = 1355
So actually I need to extract the ID and used it to redirect to the other URL.
With (?<=&rq_RecId=)\d* I can geht the ID, but without filtering the not needed 3s. Also the ID can be between 1-9999, means 31-39393939.
Can this be done with regex, so I have a resulting group to use in the redirecting URL?
To be more precise I have the following
path('',views.home,name='home'),
path('json', json, name="json"),
my home page calls the json file to plot a chart, however if user types in the url '.../json' they can access the json data file. I want users to not have access to the path /json but I still want my home page to access this json path.
Thanks
This is not quite possible because when your homepage is loaded by a user, the page tells them to request the json data from your server. The browser sees will make a request for the data, and there is almost no difference between the user going to http://yoursite.com and the browser making a call to http://yoursite.com/json.
One way you could try if the data is only loaded once is to append a single-use token to homepage (which is different for every request) and allow the browser to use this to allow the request.
def home(request):
# do everything
context['token'] = generate_token()
session['json_token'] = context['token']
return render()
def json(request):
if request.GET.get('token', '') == session['json_token']:
del session['json_token']
# generate_data
return data
return HttpResponse(status_code=405)
Hi I am trying to implement Facebook login for my website using Django Allauth.
As we can no longer disable Use Strict Mode for Redirect URIs I am getting an error when I try to login via facebook.
The callback URL formed at the time of Facebook login is of this format -
https://example.com/accounts/facebook/login/callback/?code=AQB7W48oY-1XxZv2xU9iahxS80ZPs4oBNLlXWTY7Y93dclyIElEPG-jWKB5ELV7Pv11ckcRYg3L67Wfcz6xqC8yhNLBaFaOQjd4F2AEp8nfScltnY3LoY79g9NjtslCSbQnSlc_hDdBm_rxQtScz-rLChNvAJaky3KYMG_USSTkm9qdyvw5lIMdcIHQjz3CTF8KdgmuFG1T8_WvVqdGDEpfhC_PD7w5tnkcChBEowHnWR656DYa1wrMR1fbP2rqxBocNn6fKPCy_GM_DZynPp8mx0F0YP55vzw2Kv8KchB2nxCaHwQ4dRvJq785w5CfCgDVc6REhbc3CNG2KqZxdxjuG&state=eukVyjHYk04X#_=_
This URL contains the query params code and state because of which it is not an exact match and I checked it via Redirect URI to Check which reported it as invalid.
So on the authentication_error.html I get the following error.
{'provider': 'facebook', 'code': 'unknown', 'exception':
OAuth2Error('Error retrieving access token:
b'{"error":{"message":"Can\'t load URL: The domain of this URL
isn\'t included in the app\'s domains. To be able to load this
URL, add all domains and sub-domains of your app to the App Domains
field in your app
settings.","type":"OAuthException","code":191,"fbtrace_id":"AxoTkIBeoUSKsxuWvMx-Wg4"}}'',)}
My Valid OAuth Redirect URIs has the following URL's
https://example.com/accounts/facebook/login/callback/
https://www.example.com/accounts/facebook/login/callback/
Please help me with this issue, I have looked into all the existing issue but haven't found a solution.
For anyone facing a similar issue, it could be because you missed to add this line to your settings.py file.
ACCOUNT_DEFAULT_HTTP_PROTOCOL = 'https'
I am using the flask-dance library to handle custom OAuth, here's a code sample:
oh = OAuth2ConsumerBlueprint(
"oh", __name__,
client_id="",
client_secret="",
authorization_url="",
token_url="",
redirect_uri="",
scope=[""],
redirect_to='/oauth-redirect'
)
I want to specify a URL parameter so that when the token is granted and the 3rd party website redirects back to my website, it knows where it came from. Like:
localhost:5010/oauth-redirect?id=oh
I know the redirect_to variable is a repurposed url_for via:
https://flask-dance.readthedocs.io/en/latest/api.html#flask_dance.consumer.OAuth2ConsumerBlueprint
which accepts vars like: url_for('page.route', foo="bar") but how do I do something similar, be it passing data to the page or as a url parameter?
You can hook into the oauth_authorized signal, and return a response object. This response can redirect to whatever URL you want, and you can pass whatever data you want in the URL parameters.
I am trying to create an admin command that will simulate some api calls associated with a view but I don't want to hard code the url, for example like that url='http://127.0.0.1:8000/api/viewname', in order to send the request.
If I use the reverse option I can obtain half the url /api/viewname.
If I try to post the request that way
url = reverse('name-of-view')
requests.post(url, data=some_data)
I get
requests.exceptions.MissingSchema: Invalid URL '/api/viewname/': No schema supplied. Perhaps you meant http:///api/viewname/?
Do I have to look whether the server is running on the localhost or is there a more generic way?
requests module needs the absolute url to post to. you need
url = 'http://%s%s' % (request.META['HTTP_HOST'], reverse('name-of-view'))
requests.post(url, data=some_data)