JSONP And Sharing Cookies From One Server To Another?
Jun 21, 2010
I'm working on an intranet system (.NET 3.5); the main pages are served up from a standard ASP.NET server. I would like to use Ajax on those pages to contact a WCF service running on a different machine, to retrieve data, do CRUD operations - the usual Ajax stuff.
The problem I'm trying to resolve is: can I take cookies which were set by the ASP.NET server, and include them on requests to the WCF service? If so, how?
My understanding is that JSONP bypasses XSS restrictions by "wrapping" the Ajax request within a standard <script src="MyAjaxCall?SomeData=SomeValue"> tag. With that in mind, it would seem I'm at the mercy of the browser as to which cookies (if any) will be included in MyAjaxCall. Since the cookies originate from the ASP.NET server, the browser likely won't include them in the call to WCF.
Since this is an intranet application, I cannot necessarily rely on domain wildcarding (*.mydomain.com) to make sure the cookies are shared across multiple machines - the client may well be accessing machines by their simple network name or even IP address directly.
edit: accepting Julian's answer, since using JS to manually grab a cookie's payload and jam it onto the URL seems like the only way to work-around the restriction (tho it feels somewhat inelegant :)
In my website I am maintaining cookies for the login so that if I open the browser again then no need to login again.
But when I am switching browser(from ie to ff or viceversa) then the cookies are lost and the user is not identified, I want to maintain them in this scenario also.
I have a main domain "mydomain.com" and then a sub domain "forums.mydomain.com". If a user visits "forums.mydomain.com" without being logged in, they are redirected to "mydomain.com/login.aspx".
The two scenarios are:
If they are redirected to the login page with "mydomain.com/login.aspx?ReturnUrl=http://forums.mydomain.com", then they are succesfully logged into the forums but NOT the main site.
If they are simply redirected to the login page with "mydomain.com/login.aspx" with no returnUrl, they are correctly logged into both the main site and the forums.
I see on the bottom of blog pages a sharing buttons (Twitter and Facebook), where if clicked the link behind (which is normally the blog page url) the fshare button takes the clicker to the blog site facebook page respectively.
How does one do this in asp.net 2 , does one one use the <%# %> in the url part of these share buttons, are there any examples of how this is done?
I'm a having a problem in passing the value of a variable from child package to the parent package in SSIS. either using configurations or using scripting (c# or vb.net)..
I have two different IIS applications within the same domain(let us say www.mydomain.com) , both of these applications use the same database instance(same connectionstring), now what I want is that both of applications can see each sessions variables , can SQL Server session state mode helps in this case? Did someone try that before? Is there any other way to share the session variables?
I'm handling cookies using JavaScript to store some values in my asp.net web application.I use document.cookie to save some values (converted into a lengthy string). But i want that value to be accessible across all the pages in my application.When i try to get that value from a different page, i get the values pertaining to the document in the current URL.
In short i save the value in the cookie in http://myapp/doc1.aspx and want to retrieve it in http://myapp/doc2.aspx
So is document.cookie is pertaining to a single document scope? How can i save/read cookies across the site?
Update.This is how i get and set cookies
function getCookie(c_name) { try{ [code]...
But i'm getting different values for the cookies in different pages.
in my webservice (asp.net) I'm returning the response with a content type of application/javascript. The response the server is actually sending back is: jsonp1276109314602({"message":"I'm getting tired of this not working"}) The jsonp1276109314602 method name is being randomly generated by jquery, and I'm grabbing it with Request.QueryString["callback"] However my success function is never called and the firebug console gives me an error saying jsonp1276109314602 is not defined. What am I doing wrong?
NOTE: I'm making this call from a greasemonkey script on a craigslist page. It's a cross-domain request, but I can see the request is actually making it to the server and returning a good response, but for whatever reason the registered callback that jquery creates appears to not exist when the response comes back. It works fine if I run the script in the firebug console from the craigslist page, but not when it's run from the greasemonkey script.
EDIT: At first I thought it wasn't working cross domain at all, now I realize it only works in IE. I'm using jQuery to call a web service (ASP.NET .axmx), and trying to us jsonp so that I can call it across different sites. Right now it is working ONLY in IE, but not in Firefox, Chrome, Safari. Also, in IE, a dialog pops up warning "This page is accessing information that is not under its control..."
The service cannot be activated because it does not support ASP.NET compatibility. ASP.NET compatibility is enabled for this application. Turn off ASP.NET compatibility mode in the web.config or add the AspNetCompatibilityRequirements attribute to the service type with RequirementsMode setting as 'Allowed' or 'Required'.
when i try to access wcf service i get this error: the reason is HttpContext.Current is null, what should i do in this case?
Object reference not set to an instance of an object.
System.Web.Script.Serialization.JavaScriptSerializer s = new System.Web.Script.Serialization.JavaScriptSerializer(); Person p = new Person() { FirstName = "First name", LastName= "last name" }; string json = s.Serialize(p); System.Web.HttpContext.Current.Response.Write("jsoncallback" + json);} //error
How can I implement Jquery JSONP in my ASP.NET project. My application flow is described below:
1) I am opening a HTTP page, where I have got JQuery login dialog box, from which username and password is posted to my Login.aspx page, which has got one method "GetLoginDetails" which takes posted username and password and sends to a WEBSERVICE which checks the users name and password and return back with "success=true"
2) so in my response I get "success=true", I read that value from jquery and works according to responded text on my client side it display message "Logged in Successfully".
I am trying out jsonp with jQuery. I found many examples on the web and I believe my code is correct, but its still not working for me.
My web service:
using System.Web; using System.Web.Script.Services; using System.Web.Services; using System.Web.Script.Serialization;..........
Firebug shows this is a success, but I am getting null from the alert. I have my webservice in iis7 locally and I am testing through my debug in my client project.
I am creating a web application in C#.When my page loads I fire an asynchronous thread to process some data. Part of this processing is the updating of a cookie. However when I save the cookie to the response by System.Web.HttpContext.Current.Response.Cookies.Add(c) where c is the HttpCookie, I get the following exception:HttpException: Server cannot modify cookies after HTTP headers have been sent.
I'm using SQLSERVER 2005, In "Connect to Server" window I want to remove some all server names (like cookies in Textbox) which I used. When I click on this dropdown it listing all server names. I want to remove these.
I previously asked on StackOverflow how to parse XML downloaded programmatically by my ASP.net application. By this, I mean that the user visits https://www.example.com/page1.aspx. The code-behind for page1.aspx is supposed to somehow download and parse an xml file located at https://www.example.com/foo.xml.
I received good answers about how to parse the XML. However, I've been out of luck with being able to retrieve XML from my secure HTTPS server.
I am looking at a situation where https://www.example.com/foo.xml authenticates requests with a cookie. (third party system, not Forms Authentication). The answer I received to my question about how to download and parse XML suggested that I use the System.Net.WebClient class. I read that the WebClient class must be customized to work with cookies. Therefore, I wrote the following code:
public class WebClientWithCookies : WebClient { private CookieContainer m_container = new CookieContainer(); public CookieContainer CookieContainer
[Code]....
However, when the request is received at https://www.example.com/foo.xml, there are no cookies in the request, and so it doesn't work.
i have a need to generate JSONP using MVC 2 for a 3rd party App...It seems there is no actionresult for this OOTB in MVC 2 so i need to create a custom one..i found the following article on such here; [URL] My first question is...Where do i put the custom actionresult code? Secondly...How can i use this to new JSONP actionresult to return data from my data model? Currently , my current JSON actionresult (remember..i need JSONP) looks like this;
[Code]....
How can i use the new JSONP Actionresult to return db.GetTopGainers()?
I´m using mvc futures 2 with WebApiEnabled for XML and JSON support. But due to cross domain issues with jQuery $.ajax I´m lookin in to JSONP. Is there a simple way to extend futures rest function for JSONP or should I do something else.
We have a series of Silverlight apps that use WCF services via SOAP for just about everything. As we migrate to AJAX we've been hoping to expose the same services via JSONP with little more than config changes on the server.Although the message "Cross domain javascript callback is not supported in authenticated services" seems pretty explicit, I'm hoping there might be a way to allow it. We have a need to expose user-centric data across domains, but we'll need to roll our own JSONP to make it happen if this is a hard "unsupported". It would be even better if there was a way for the server to validate the referrer against the client access policy we provide for Silverlight clients, but for now we just need the general requests to not fail if the user happens to have an auth cookie for our domain from a previous visit.f there's no way to allow this to just work, we're also considering the option of channeling the requests through an IFRAME, but we're definitely open to other recommendations.
We have a basecontroller that has both an OnActionExecuting and OnActionExecuted. Occassionally, the OnActionExecuted will throw an exception 'Server cannot modify cookies after HTTP headers have been sent.'. This doesn't happen all the time, and we can't find a pattern to it. My guess, based on searching, is that filterContext is not always the current context. Is there a way to rewrite the Cookies.Add to get the current context, always? Or is the fact that we are in the ActionExecuted mean the headers will always already have been sent and we shouldn't be doing anything like this in the executed step?
I have a simple script making a request to the server:
var DTO = { 'path': path }; var url = 'default.aspx/Get'; var test; $('#getInstance').click(function () { $.ajax({ url: url, type: 'POST', dataType: 'json', data: JSON.stringify(DTO), contentType: 'application/json; charset=utf-8', success: function (msg) { test = msg; }, error: function (jqXHR, textStatus, errorThrown) { alert(textStatus); alert(errorThrown); } }); });
This works fine as in it connects to the server and gets the data back, with one simple problem. It is treating this request as a cross domain request, therefore using jsonp. The server code is here:
[WebMethod] [ScriptMethod(ResponseFormat = ResponseFormat.Json)] public static MyObject Get(string path) { MyObject foo = new MyObject(); return foo; }
Normally this would not be a problem, except that I am accessing a WebMethod, and it doesnt have the capability to return a jsonp response (meaning it has no way to attach the callback function to the response. Now, if this was a manual response, I could hack it up and attach the parameter, but I am taking advantage of the built-in serialization, so no way to mess around with the response. [URL]
Let me just stress the fact that this code works. The only problem is jQuery treating this request as cross domain. But Why? UPDATE: Well, after many more hours and more testing I have narrowed this issue down to it being a bug in jquery 1.5.1. I did some testing with older versions (all 1.4 versions) and I had no problem, the request was made using JSON, and the response was received successfully. What could be the change they made that would consider this request a CORS?
I am trying to make ActionFilter which redirects banned users to /Error/NoAccess site, so I have ActionFilter:
[Code]....
Before each public class xxxxxxController : Controller I use [NoBannedUsersActionFilter]. But for example on website /Account/LogOff I have error: 'Server cannot modify cookies after HTTP headers have been sent.' and VisualStudio shows me AccountModel.css file and this method:
I have been experimenting with code that will clear all of the cookies in an HttpContext.Response.Initially, I used this:
DateTime cookieExpires = DateTime.Now.AddDays(-1); for (int i = 0; i < HttpContext.Request.Cookies.Count; i++) { HttpContext.Response.Cookies.Add( new HttpCookie(HttpContext.Request.Cookies[i].Name, null) { Expires = cookieExpires }); }
this will error with an OutOfMemoryException because the for loop never exits - each time you add a cookie to the Response, it also gets added to the `Request.
I know that if I have set a cookie on a previous request, it will show up in my Request.Cookies collection. I want to update my existing Cookie. Are the cookies from my Request.Cookies collection already copied to my Response.Cookies collection? Do I need to add a new cookie with the same key using Response.Cookies.Add(), or do I need to use Response.Cookies.Set()?