How can I connect on a Wordpress website (and get it posts) using REST api? What I did:
Installed the REST plugin on Wordpress (https://wordpress.org/plugins/json-rest-api/)
Enabled it
But I can't get the posts. Only if I use CURL (but I would like to use requests)
import requests, json
r = requests.get('http://www.uaigeek.com.br/blog/wp-json/posts', auth=('admin', 'pass'))
print r.status_code
print r.json
Using CURL (curl -I http://www.uaigeek.com.br/blog/wp-json/posts) it works like a charm, but using requests it always get 403 error (sometimes 404).
How can I do that?
Solved! It was a "problem" from Site5 host, they block requests, I've to ask for this permission and it works like a charm now.
Related
I have a very simple flask app that has been working for years, but last week requests from the built app return a 500, and from the Flask side, I can't even see the request. I am not seeing an OPTIONS request.
The below lines worked previously to keep CORS happy.
#app.after_request
def after_request(response):
response.headers.add('Access-Control-Allow-Origin', '*')
response.headers.add('Access-Control-Allow-Headers', 'Content-Type,Authorization,Auth-Token')
response.headers.add('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE')
return response
I have tried in a few browsers and all of them fail to successfully make any requests. Since the server doesn't even acknowledge the request has been made, I am not sure where to trouble shoot. I did confirm the app returns data as expected when I use Postman to make the request, as well as confirming that if I use the app locally (gulp serve on my computer) that the requests are successful. I have to believe its CORS, but what might I have to add / do to get the browser to be happy? Thanks.
The solution to my problem was that chrome started to "restrict the ability of websites to communicate with devices on the local network"
Communicating from Chrome 94+ with LAN devices that do not support HTTPS from a web app
TLDR: React app's API calls are returning with status code 200 but without body in response, happens only when accessing the web app from some browsers.
I have a React + Django application deployed using nginx and uwsgi on a single centOS7 VM.
The React app is served by nginx on the domain, and when users log in on the javascript app, REST API requests are made to the same nginx on a sub domain (ie: backend.mydomain.com), for things like validate token and fetch data.
This works on all recent version of Firefox, Chrome, Safari, and Edge. However, some users have complained that they could not log in from their work network. They can visit the site, so obviously the javascript application is served to them, but when they log in, all of the requests come back with status 200, except the response has an empty body. (and the log in requires few pieces of information to be sent back with the log in response to work).
For example, when I log in from where I am, I would get response with status=200, and a json object with few parameters in the body of the response.
But when one of the users showed me the same from their browser, they get Status=200 back, but the Response is empty. They are using the same version of browsers as I have. They tried both Firefox and Chrome with the same behaviours.
After finally getting hold of one of the user to send me some screenshots. I found the problem. In my browser that works with the site, the API calls to the backend had Referrer Policy set to strict-origin-when-cross-origin in the Headers. However on their browser, the same was showing up as no-referrer-when-downgrade.
I had not explicitly set the referrer policy so the browsers were using each of their default values, and it differed between different versions of browsers (https://developers.google.com/web/updates/2020/07/referrer-policy-new-chrome-default)
To fix this, I added add_header 'Referrer-Policy' 'strict-origin-when-cross-origin'; to the nginx.conf file and restarted the server. More details here: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
The users who had trouble before can now access the site API resources after clearing cache in their browsers.
So I have this problem and I am a bit confused on where to start. I have a Django REST API currently running on a VPS (with apache) and start with djangos runserver command (I know, I know, not the best way) so it is currently accessed via http://example.com:8000/api.
I am now moving to AWS and using Elastic Beanstalk to run my newly created Django REST API. I want to keep the domain something like example.com/api or api.example.com. Now this should be fine for me to set up but the problem I now have is I want to forward all old requests using the old API to the new API. What is the best way to do this?
Any help will be appreciated! :)
There are two ways to do this.
Rewrite
Redirect
Rewrite:
With rewrite you read the contents using the old api and serve on the same request.
Redirect:
With redirect you send a 302 with the redirect location to your new API url.
Any request to http://example.com:8000/api/something will be responded with a http status code 302 and location as http://example.com/api/something or http://api.example.com/something
If you do not wish you to use the old API, then it is better to redirect to the new destination.
If changing the URL on the client side is possible, then you can abondon mantaining the old endpoint or any of these process.
Hope it helps.
I am using AWS codestar to deploy by react application using serverless nodejs template. This is the url that is given by codestar after successfully completion of all the stages https://xxxxx.execute-api.us-east-1.amazonaws.com/Prod . This url displayed all the components in my app correctly. In navbar of my app i have items like this a ,b,c. where clicking on each one of them will redirect to a new component.(i.e.https://xxxxx.execute-api.us-east-1.amazonaws.com/a,https://xxxxx.execute-api.us-east-1.amazonaws.com/b etc. But when i refresh the page which is having a url like this https://xxxxx.execute-api.us-east-1.amazonaws.com/b i am getting a error like {"message":"Forbidden"} and in my console it is showing like this favicon.ico:1 GET https://xxxx.execute-api.us-east-1.amazonaws.com/favicon.ico 403
It seems the chrome is fetching the favicon based on the https link, which fails because there is no such favicon at the location. I tried to remove favicon.ico link in index.html but even then the chrome is using the same url to fetch the favicon which eventually fails. I followed max number of suggestions in SO to acheive this but no luck. Is there any way to say api-gateway to exclude these favicon get requests and display my app rather than showing message forbidden.
And i am pretty sure that i had enabled logs for both the agi-gateway and lambda where i didnt find any forbidden errors(i.e.403) which is weird because i can see those 403 errors in my console.
Thanks
Any help is highly appreciated.
The https://xxxxx.execute-api.us-east-1.amazonaws.com/Prod url provided by API Gateway is the base url for your site, so those paths would have to be /Prod/a instead of /a.
One way to get around that is to register your own domain and connect it to API Gateway via a custom domain. That would allow you to have https://example.com as your base url, and your paths could stay /a, /b, etc.
I am using HTSQL with Django. I use HTSQL shell to check/generate my queries and then use them for rendering data in json and raw formats.
so like, my HTSQL shell url is:
http://127.0.0.1:8000/htsql
so when I want to access data from a table in the HTSQL shell environment, I do,
http://127.0.0.1:8000/htsql/table_name
and to get JSON data,
http://127.0.0.1:8000/htsql/table_name/:json
In background, HTSQL shell fetches this data by using a GET request. So from my client-side Javascipt/jQuery, I initiate a GET request with its URL in above format and get my desired JSON data directly.
Everything was fine when I was using local Django server, but when I deployed my project using Gunicorn and Nginx, it naturally started to block some of my long(actually, pretty long) queries in the GET requests. I searched this problem and found out that Gunicorn allows GET request values ranging from 0 to 8190 characters. So I tweaked my Gunicorn settings for the maximum limit but still the same problem. This was because my queries, when used with several filter values, are exceeding 8190 limit.
So I thought to use POST request as its normally preferred for secure and long requests. So I changed my GET request to POST request and pointed it to the same URL as mentioned above and tried it on my local Django Server(i.e without Gunicorn and Nginx). But now I get "400 BAD REQUEST". With firebug, I checked that the response was "POST requests are not permitted."
I also noticed that the HTSQL_Django Module routes all the request to htsql_django.views.gateway. I had a look to this gateway function in the views.py of htsql_django module but couldn't find any clue.
Is it so, that the HTSQL doesn't accepts POST requests?? How can I fetch/access JSON data from HTSQL using POST request?