X-CGP-ClamAV-Result: CLEAN X-VirusScanner: Niversoft's CGPClamav Helper v1.25a (ClamAV 0.103.8/26912) X-Junk-Score: 0 [] X-KAS-Score: 0 [] Return-Path: Received: from mail-03.1984.is ([93.95.224.70] verified) by post.selbstdenker.com (CommuniGate Pro SMTP 6.3.18) with ESMTPS id 30797932 for webobjects-dev@wocommunity.org; Fri, 19 May 2023 12:28:08 +0200 Received-SPF: none receiver=post.selbstdenker.com; client-ip=93.95.224.70; envelope-from=hugi@karlmenn.is Received: from localhost by mail-03.1984.is with esmtp (Exim 4.94.2) (envelope-from ) id 1pzxKq-00AAai-Df for webobjects-dev@wocommunity.org; Fri, 19 May 2023 10:27:47 +0000 From: Hugi Thordarson Content-Type: multipart/alternative; boundary="Apple-Mail=_58045797-012B-4845-8DB6-57D6DD494BD3" Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.1\)) Subject: Re: [WO-DEV] Https request examples? Date: Fri, 19 May 2023 10:27:43 +0000 References: To: WebObjects & WOnder Development In-Reply-To: Message-Id: <57EB5013-FBB6-446F-926A-F4F956082727@karlmenn.is> X-Mailer: Apple Mail (2.3696.120.41.1.1) X-Spam-Score: 1.0 (+) X-Authenticated-User: hugi@karlmenn.is X-Sender-Address: hugi@karlmenn.is --Apple-Mail=_58045797-012B-4845-8DB6-57D6DD494BD3 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 Weirdness like this is a little hard to debug without seeing code/seeing = it in action. But my initial guess would be that if you're loading a = document that has resources with relative URLs, those will probably be = pounding your application (and even the component request handler) and = might be putting your session's page cache into a weird state? Only a = wild guess. As for the resources, if they're relative URLs referencing a different = server you might want to try insert a tag into the iframe's HTML = head, something like: /"> . This will give the frame a, well, = base, for fetching those relative resources. If you want to avoid modifying the response, you apparently have the = option of doing this via JS (again, something I've never done so YMMV): = https://stackoverflow.com/questions/7870237/setting-the-base-tag-of-a-dyna= mically-created-iframe = If for some reason you can't do that, you could go through every href=3D = and src=3D attribute in your fetched iframe HTML and convert to absolute = URLs? Very fun indeed. Regarding the usage of an iframe as a whole; you could also use a direct = action as the "src" for the iframe, passing in parameters as query = parameters to the direct action. But that would require you to expose = your parameters which of course, you might not want to do (although you = could of course obfuscate the parameters somehow, or store the = parameters in the session and pass them through there=E2=80=A6 But this = is starting to sound like a hassle :). So; nothing concrete. Just grabbing at straws, but hopefully there's at = least something that can help you out here. Cheers, - hugi > On 18 May 2023, at 16:36, Markus Ruggiero (rucotec) = wrote: >=20 >> On 8 May 2023, at 19:16, Hugi Thordarson wrote: >>=20 >> Hi Markus, >>=20 >> is the server using a self-signed certificate? If not, i.e. it's just = good ol' https with a cert issued by a trusted CA, you should be fine = using the build in java http client with https, something like=E2=80=A6 >>=20 >> ----------------------- >>=20 >> public static String post( final String url, final String requestBody = ) throws IOException, InterruptedException { >> // Create a client (the client can be reused so for performance = sensitive code, I wouldn't do this within the method) >> final HttpClient client =3D HttpClient >> .newBuilder() >> .build(); >>=20 >> // Construct a request to submit >> final HttpRequest request =3D HttpRequest >> .newBuilder() >> .uri( URI.create( url ) ) >> .POST( BodyPublishers.ofString( requestBody, = StandardCharsets.UTF_8 ) ) >> .build(); >>=20 >> // Submit the request >> final HttpResponse response =3D client.send( request, = HttpResponse.BodyHandlers.ofString( StandardCharsets.UTF_8 ) ); >> return response.body(); >> } >>=20 >=20 > Hugi, >=20 > thanks a lot, this works perfectly. >=20 > But (there is always a but) >=20 > What do I do with the returned result? > My problem is that no matter what I try the resultant string is not = properly used as the content of the iFrame. I am probably just = thoroughly confused but WO seems to mix and match things in a way that = either the initial POST body is displayed instead of the result or the = resultant string is parsed but no linked resources are found as they are = all tried to be accessed through my application. And of course there = they aren=E2=80=99t. >=20 > I have the following def in my WOD >=20 > iFrame : ERXIFrame { > action =3D createMyIFrameContent; > style =3D "width:100%; height:90vh; border:solid 2px green"; > } >=20 > I cannot use either pageName nor src bindings because I need to create = some xml content and a POST request. So I use the action = createMyIFrameContent() to create the content for the iFrame. But how? >=20 > Inside createMyIFrameContent() I built the xml and used your code to = submit the POST. Worked and I did get a result back. But then? When I = create a new WOResponse and set the result as its content WO displays = the original request body (the xml), not the resulting content.=20 > So I created a new WOComponent that createMyIFrameContent() = instantiates with pageWithName(), passes some data to it for the = generation of the xml and returns this to the iFrame. In the new = component I override appendToResponse(), execute the POST and set the = result as the content. I also tried overriding generateResponse(). In = both cases I do get the result from the POST rendered but no externally = linked resources are found because they are seen as relative to my = application (css, images, etc). >=20 > Basically the question is =E2=80=9Chow do I break out of my = application and have that dynamically generated remote page inside my = iFrame?=E2=80=9D As I said, I am confused and don=E2=80=99t see the = forest for the trees anymore. >=20 > ---markus--- >=20 >> ----------------------- >>=20 >> - hugi >>=20 >>=20 >>> On 8 May 2023, at 14:34, Markus Ruggiero (rucotec) = wrote: >>>=20 >>> I need to make a https POST request to a 3rd party web server = sending xml along in the body of the request. The server is supposed to = return a html page which I should then display inside an iFrame. >>>=20 >>> Does any body have some example code how to do such an https = request? Easy to create the xml but I am not quite sure about the = SSL/TLS part. >>>=20 >>> Thanks a lot >>> ---markus--- >>>=20 >>=20 >>=20 >> ############################################################# >> This message is sent to you because you are subscribed to >> the mailing list . >> To unsubscribe, E-mail to: >> To switch to the DIGEST mode, E-mail to = >> To switch to the INDEX mode, E-mail to = >> Send administrative queries to = >>=20 >=20 >=20 --Apple-Mail=_58045797-012B-4845-8DB6-57D6DD494BD3 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8 Weirdness like this is a little hard to debug without seeing = code/seeing it in action. But my initial guess would be that if you're = loading a document that has resources with relative URLs, those will = probably be pounding your application (and even the component request = handler) and might be putting your session's page cache into a weird = state? Only a wild guess.

As for the = resources, if they're relative URLs referencing a different server you = might want to try insert a <base> tag into the iframe's HTML head, = something like: <base href=3D"https://actual.server.com/"> . This will give the = frame a, well, base, for fetching those relative resources.

If you want to avoid modifying the response, = you apparently have the option of doing this via JS (again, something = I've never done so YMMV):
https://stackoverflow.com/questions/7870237/setting-the-base-ta= g-of-a-dynamically-created-iframe

If = for some reason you can't do that, you could go through every href=3D = and src=3D attribute in your fetched iframe HTML and convert to absolute = URLs? Very fun indeed.

Regarding the usage = of an iframe as a whole; you could also use a direct action as the "src" = for the iframe, passing in parameters as query parameters to the direct = action. But that would require you to expose your parameters which of = course, you might not want to do (although you could of course obfuscate = the parameters somehow, or store the parameters in the session and pass = them through there=E2=80=A6 But this is starting to sound like a hassle = :).

So; nothing concrete. Just grabbing at = straws, but hopefully there's at least something that can help you out = here.

Cheers,
- hugi


On 18 May 2023, at 16:36, Markus Ruggiero = (rucotec) <markus.ruggiero@rucotec.ch> wrote:

On 8 May 2023, at 19:16, = Hugi Thordarson <hugi@karlmenn.is> wrote:

Hi= Markus,

is the server using a self-signed = certificate? If not, i.e. it's just good ol' https with a cert issued by = a trusted CA, you should be fine using the build in java http client = with https, something like=E2=80=A6

-----------------------

public = static String post( final String url, final String requestBody ) throws = IOException, InterruptedException {
// Create = a client (the client can be reused so for performance sensitive code, I = wouldn't do this within the method)
final = HttpClient client =3D HttpClient
= .newBuilder()
.build();

= // Construct a request to submit
final = HttpRequest request =3D HttpRequest
= .newBuilder()
.uri( URI.create( url ) )
= = .POST( BodyPublishers.ofString( requestBody, = StandardCharsets.UTF_8 ) )
.build();

= // Submit the request
final HttpResponse<String> = response =3D client.send( request, HttpResponse.BodyHandlers.ofString( = StandardCharsets.UTF_8 ) );
return response.body();
}


Hugi,

thanks a lot, this works = perfectly.

But (there is always a but)

What do I do with the returned result?
My problem is that no matter what I try the resultant string = is not properly used as the content of the iFrame. I am probably just = thoroughly confused but WO seems to mix and match things in a way that = either the initial POST body is displayed instead of the result or the = resultant string is parsed but no linked resources are found as they are = all tried to be accessed through my application. And of course there = they aren=E2=80=99t.

I have the following = def in my WOD

iFrame : ERXIFrame {
= action =3D createMyIFrameContent;
style =3D = "width:100%; height:90vh; border:solid 2px green";
}

I cannot use either pageName nor src bindings = because I need to create some xml content and a POST request. So I use = the action createMyIFrameContent() to create the content for the iFrame. = But how?

Inside createMyIFrameContent() I = built the xml and used your code to submit the POST. Worked and I did = get a result back. But then? When I create a new WOResponse and set the = result as its content WO displays the original request body (the xml), = not the resulting content.
So I created a new WOComponent = that createMyIFrameContent() instantiates with pageWithName(), passes = some data to it for the generation of the xml and returns this to the = iFrame. In the new component I override appendToResponse(), execute the = POST and set the result as the content. I also tried overriding = generateResponse(). In both cases I do get the result from the POST = rendered but no externally linked resources are found because they are = seen as relative to my application (css, images, etc).

Basically the question is =E2=80=9Chow do I break out of my = application and have that dynamically generated remote page inside my = iFrame?=E2=80=9D As I said, I am confused and don=E2=80=99t see the = forest for the trees anymore.

---markus---
-----------------------

- = hugi


On 8 May 2023, at 14:34, Markus Ruggiero (rucotec) <markus.ruggiero@rucotec.ch> wrote:

I need to make a https POST request to a 3rd party web server = sending xml along in the body of the request. The server is supposed to = return a html page which I should then display inside an iFrame.

Does any body have some example code how to do = such an https request? Easy to create the xml but I am not quite sure = about the SSL/TLS part.

Thanks a lot
---markus---



#############################################################This message is sent to you because you are subscribed = to
the mailing list <webobjects-dev@wocommunity.org>.
To = unsubscribe, E-mail to: <webobjects-dev-off@wocommunity.org>
To = switch to the DIGEST mode, E-mail to <webobjects-dev-digest@wocommunity.org>
To = switch to the INDEX mode, E-mail to <webobjects-dev-index@wocommunity.org>
Send= administrative queries to  <webobjects-dev-request@wocommunity.org>




= --Apple-Mail=_58045797-012B-4845-8DB6-57D6DD494BD3--