Posts

Showing posts from 2018

cross origin and cors

The browser same origin policy is a security mechanism which restricts how a document loaded from one origin can interact with another origin For us engineers it means if you need to make (certain) kinds of requests to a different origin then you need to be aware of the restrictions and how to work around. See mdn docs here for explanation of what is and is not considered same origin. Some cross origin requests are allowed such as  embedding: images (img), stylesheets, scripts, fonts, iframe links, redirects and form submissions So what to do if you need to make cross origin requests which are restricted? You need to use  CORS (cross origin resource sharing). It is a http header mechanism which allows a server to configure origins (other than it's own) for which it allows requests. If mydomain.com wants to make a http request to yourdomain.com then unless yourdomain.com configures CORS that request will fail. Some http requests are considered "simple" e.g. Get and POST u
Post a Comment
Read more

Understanding Typescript-fsa

Consider: const createAction = actionCreatorFactory('WIDGET'); export const fetchData = createAction.async<{ tld: string }, WidgetDTO>('FETCH'); createAction.async() takes 3 param types as follows and also a namespace (at end):   params type   success type   error type createAction.async() returns an object with type and 3 functions: {   type: "WIDGET/FETCH",   started: ƒ,   done: ƒ,   failed: ƒ } Now if you call object.started() like so:   fetchData.started({input: 'my param'}) ...it will return an action as follows. Note the type value {   type: "WIDGET/FETCH_STARTED",   payload: { input: "my param" } } If you call done() like so   fetchData.done({     params: { tld: 'param passed' },     result: {       publicUrl: 'string',       tld: 'string',     }})); ...it will return an action as follows. Note the type value {   type: "WIDGET/FETCH_DONE",   payloa
Post a Comment
Read more

Use Postman to execute protected endpoint

Image
You want to call an api that is protected by access layer with token identity in cookie. You can see the requests in Browsers network tab But when hit api in Postman you get "unauthorized" error You need the cookies. The easiest way is In chrome Network tab, right click on the api request Choose Copy -> Copy as Curl Now go to Postman, click Import tab across the top In dialog presented choose "Paste Raw Text" and paste in the curl You should see a new endpoint created in Postman and you can run it
Post a Comment
Read more