I want to create CSR(Certificate Signing Request) using javascript at client side using any browser(IE, Firefox, Chrome etc).
I have google it and found some js belows like PKIJS and WEB API Crypto and HTML KEYGEN Tag.
https://pkijs.org/
https://developer.mozilla.org/en/docs/Web/API/SubtleCrypto
But not able to find some relavant resources or example to generate CSR using javascript at client side.
It will be much appreciated if anyone can help me ..
Here is a sample using PKI.js to generate a CSR. Source code here
Related
I am trying to get the fingerprint as can be seen from this snapshot.
I tried searching for the fingerprint but it's not in the response or cookies. I am wondering how this fingerprintjs works so that I can imitate and return the fingerprint item.
The website is https://alfagift.id/
When you take a look into network, especially categories, there's a preflight and an xhr where it is initiated by https://alfagift.id/_nuxt/ca268e7.js
I've tried doing a requests
resp=requests.get(" https://alfagift.id/")
resp.cookies
nothing seems to be returning the fingerprint that's needed.
Can anyone show me how you can get the fingerprint?
This file's rendering and executing the fingerprinting script on the client side: https://alfagift.id/_nuxt/f9d159c.js
Proof:
__fpjs_d_m||Math.random()>=.001))try{var t=new XMLHttpRequest;t.open("get","https://m1.openfpcdn.io/fingerprintjs/v3.3.3/npm-monitoring",!0),t.send()}catch(t){console.error(t)}}(),[4,vt(r)];case 1:return t.sent(),[2,gt(L(ft,{debug:n},
Used library: https://github.com/fingerprintjs/fingerprintjs
I am trying hit following link Actual link from requests and python, since it is Javascript I dont want to use selenium for automation.
I know it uses api in backend, However I am not sure where to put key in url it has x-api-key for following url , I tried using ?x_api_key='key' in request header still not working
Api Link
Currently I'm working on a jQuery Mobile website which will later be transformed into an app via Titanium. I have created a RESTful JSON web service, which is running on a different server than the jQuery Mobile application. The web service is consumed via AJAX using JSONP.
One thing I find annoying is that I can't make use of HTTP error codes, because jQuery automatically aborts a JSONP call whenever the server issues an error. I can never get hold of the error code on the client side.
Another thing is that JSONP only works with the HTTP verb GET, you cannot issue a JSONP POST for example (Currently, the web service is GET only, but that could change).
Are there any alternatives to JSONP? Or is JSONP the only choice I have when using remote JSON web services with AJAX? For example, how do Twitter apps interact with the Twitter API (they have a REST API)?
Your question is a nice illustration why people complain that jquery is too easy to adopt ;)
JSONP is not ajax. There are no success and failure callbacks. JSONP is this:
put the parameters in the url
add &jsoncallback=random2745273
create a global variable random2745273 and put the callback reference in it
add <script src="theurlhere"></script> to the head
that's all you can do.
The server returns
random2745273({somedata});
and that's how your callback is called.
If you want to report errors, then your server has to generate a correct code. You will not know what HTTP headers were sent.
And this is the only way you can communicate cross-domain with an api.
Sending cross-domain communicates is also possible with generating iframes, but it's hacky and rarely used.
[edit]
Ok, that got me thinking... I could use the iframe hack to wrap over the JSONP!
And as usual - I wasn't the first to have the idea (and I'm finally humble enough to google my ideas expecting it ;) )
Here it is: http://beebole.com/en/blog/general/sandbox-your-cross-domain-jsonp-to-improve-mashup-security/
awesome
[edit2]
awww, I forgot... There's another one.
window.postMessage
It already got implemented in some browsers. If you don't have to be compatible with most of the browsers, you can start using it now! :)
After some more research on postMessage I found an alternative to JSONP: AJAX via Cross-domain messaging with EasyXDM.
See http://easyxdm.net/wp/2010/03/17/cross-domain-ajax/
I want to be able to send a simple http post from my firefox extension to my ASP.NET application. From the client side, I have used XMLHTTPRequest by sending the post with the url: http://localhost:15227 which is the url on my ASP.NET app.
What do I need to do to receive a remote request from ASP.NET please?
thanks
This page from Apple has a pretty good example of how to send/receive data using a raw XmlHttpReqeust object (as opposed to a JavaScript library).
You can get the value of the response from the responseText property once you know the response came back successfully. Specifically take a look at where the processReqChange function is defined, your code will go in there (or your equivalent of that function).
If you want to explore JavaScript frameworks, take a look at how much less code you need if you use jQuery get (for example).
I am not gettng the RESTful thing. Yes, I know how to send a GET request to my app from my browser. It's through URL linking.
<a href="/user/someone">
And can also send POST requests through form method.
<form method="post">
Beside that I know browsers sometimes send HEAD command to figure out page status, but on which the end user has no control.
Then what are those DELETE and PUT commands I am reading of? How do you send, for example a DELETE command from your browser to your RESTful application?
The HTML 4.01 specification describes only GET and POST as valid values for the method attribute. So in HTML there is no way of describing other methods than this by now.
But the HTML 5 specification (currently just a working draft) does name PUT and DELETE as valid values.
Taking a look into the XMLHttpRequest object specification (currently just a working draft too) used for asynchronous requests in JavaScript (AJAX), it supports the PUT and DELETE methods too, but doesn’t say anything about the actual support by current browsers.
To simulate PUT and DELETE, frameworks like Rails instead build forms like this:
<form action="/users/1/delete" method="post">
<input type="hidden" name="_method" value="delete" />
<input type="submit" value="Delete user 1" />
</form>
This is actually a POST form, but using the hidden _method input to tell the server which method was really intended. You could implement this support on any other web framework as well.
#C Moran is right: if you want to be truly RESTful, a browser isn't an ideal client, due in part to the lack HTTP methods beyond GET and POST. However, if you really want to do it from a browser, you can use AJAX to send PUTs and DELETEs, e.g. YUI's Connection Manager allows you specify any of the following HTTP methods:
GET
POST
HEAD
PUT
DELETE
I've heard that DELETE and PUT is not fully supported in all browsers (I didn't check it). Rails is doing workaround - it is sending POST with a hidden field containing real method. So it really uses only GET and POST and on server it reads this hidden field and reacts on it.
A POST doesn't have to be through a form. The best way to learn about this, and also GET, PUT and DELETE is to use a ReST client to make your HTTP requests and see the responses. I recommend you download the nifty little python client from http://restclient.org/
A browser is (as of now) not your best tool to use while you are acquainting yourself with ReST. A client like the one above will allow you to "see" your HTTP requests and responses.
Flash based applications (or Flex) can work on lower levels, like open sockets. They can also do PUT/DELETE (though Flex in particular is known to have problems with http headers.
So I guess I'm saying it depends on your client technology. In particular, you could embed a small flash object that would do the communication for you if your browser doesn't support it (or you don't want to implement cross-browser support).
DELETE and PUT are HTTP verbs, say REST commands that shall delete or update an object on the server.
Using them in the browser can be done in different ways. You can't send them through HTML, but you can send an JavaScript Ajax request, if you want to use them programmatically.
If you only want to explore the API or test some calls, and you want to do this from the browser, you can use browser plugins like RESTED for firefox.
For manual and automatic testing you can use Postman as a full featured API test environment.
On Windows, you can use the PowerShell script httprepl to send different HTTP RESTful API usages.