Advertisement
DanielSaryn
-
Posts
4 -
Joined
-
Last visited
Recent Profile Visitors
453 profile views
DanielSaryn's Achievements
-
Version 1.0.0
16 downloads
This plugin aims to tackle a very specific issue which occurs when you try to use OAuth2 and JavaScript together in a browser application. Until now, this was not really feasible as the use of the Authorization header in the request will cause the browser to send a CORS pre-flight request to the endpoint. This request is an OPTIONS request and since it is not GET, PUT, POST or DELETE; IPS defaults to handling it as a GET request. As a result, the pre-flight request fails and causes the user to rely on a proxy of some sort to send the request with PHP or another server-side language. This plugin extends the API dispatcher class and handles processing and generating a valid CORS pre-flight request response with the following headers: Access-Control-Allow-Methods Generated automatically from the methods of the endpoint being called. If the endpoint supports GET and POST, the allowed methods header will contain GET, POST but not PUT or DELETE. Access-Control-Allow-Headers Generated automatically from the request "Access-Control-Request-Headers" header to allow any headers being passed in the request. This is not the most secure method but it is version 1.0.0, maybe I will implement a setting for specific headers in a future version. Access-Control-Allow-Origin Generated from the plugin settings (see attached screenshot). It evaluates the "Origin" (or "Referer") header and if the request comes from one of the whitelisted domains in the plugin settings, it will set the value of the "Access-Control-Allow-Origin" header to be the domain of the request. Otherwise, the header will not be set and the CORS request will fail. NOTE: Setting "*" as one of the allowed domains will allow CORS requests from any domain. This creates a possible XSS vulnerability and I would not recommend setting that option. -
Version 1.0.0
168 downloads
This application allows granting Moderators the power to change the primary group of members in ModCP as long as the member's primary group is one of the selected groups in the ACP settings. It works both with moderator groups and single moderator members. -
I managed to find a solution, although it is not optimal in my eyes. Instead of building a new \IPS\Http\Url object, I created an internal URL. Before: $baseUrl = new \IPS\Http\Url('url', false); Now: $baseUrl = \IPS\Http\Url::internal('app=myapp&module=parser&controller=parser'); This fixed the issue, but I still would have preferred to use the base \IPS\Http\Url object as it looks cleaner than the internal URL. Hope this helps anyone that runs into something similar after me.
-
Hello everyone, I'm trying to get to grips with developing applications in IPS so I can help out in a Community that runs IPS. In the process, I have found myself trying to create and display a table using the IPS Table Helper. I have ran into a bit of an issue though, here is my code: $baseUrl = new \IPS\Http\Url('url', false); $table = new \IPS\Helpers\Table\Db('table_name', $baseUrl); $table->rowsTemplate = [\IPS\Theme::i()->getTemplate('tables', 'core', 'admin'), 'rows']; $table->tableTemplate = [\IPS\Theme::i()->getTemplate('tables', 'core', 'admin'), 'table']; $table->limit = 25; \IPS\Output::i()->output .= $table; I would imagine that it would be rather simple and straightforward. However, when it comes to running this code using the appropriate do method in my application, an error is thrown: Extract from the Whoops Error handler: /IPS/system/Helpers/Table/Table.php $this->sortDirection = ( mb_strtolower( \IPS\Request::i()->sortdirection ) === 'desc' or mb_strtolower( \IPS\Request::i()->sortdirection ) === 'asc' ) ? mb_strtolower( \IPS\Request::i()->sortdirection ) : NULL; } /* Filter? */ if ( \IPS\Request::i()->filter ) { $this->filter = \IPS\Request::i()->filter; } /* Set base URL */ $this->baseUrl = $baseUrl->setQueryString( array( 'filter' => $this->filter, 'sortby' => $this->sortBy, 'sortdirection' => $this->sortDirection ) )->setPage( $this->paginationKey, $this->page ); /* Templates */ $this->tableTemplate = array( \IPS\Theme::i()->getTemplate( 'tables', 'core' ), 'table' ); $this->rowsTemplate = array( \IPS\Theme::i()->getTemplate( 'tables', 'core' ), 'rows' ); /* Create a unique id used by the template - can be overriden manually if desired */ $this->uniqueId = md5( mt_rand() ); } I have been reading the Documentation for IPS 4.4 from here: https://codingjungle.com/phpdoc/40400/ There is no mention of the existance of a method called setPage in the \IPS\Http\Url class so it's safe to say that I'm pretty confused right now. Any input or ideas on how to work around this would be greatly appreciated. Cheers!
