Welcome to Keen Software House Forums! Log in or Sign up to interact with the KSH community.
  1. You are currently browsing our forum as a guest. Create your own forum account to access all forum functionality.

JS apps talking to /vrageremote (Remote API)

Discussion in 'Groups & Dedicated Servers' started by mccorkle, Aug 21, 2019.

Thread Status:
This last post in this thread was made more than 31 days old.
  1. mccorkle Trainee Engineer

    Messages:
    26
    Thanks to @Shibiko and @ThisIsADogHello I currently have a simple vueJS web app making requests against the remote API using Axios.

    Unfortunately, there are still a few things that are stopping me from making it work properly.

    I'll document those here and then propose my solutions (and what I am doing as an alternative) below.

    Problems:
    1) It is against the XmlHttpRequest spec to provide a Date in the header, therefore none of the js http libraries that I've tried will allow me to send `Date:`. As Date is required for the server to decode the Authorization header, the request will fail.

    2) the server does not respond with a CORS Access-Control-Allow-Origin, so the request isn't allowed to happen from the browser when the site origin is anything else other than the dedicated server's hostname/IP and port number.


    Proposed Solutions:
    1) accept headers of both Date: and authDate: (or something similar) for the incoming date in the http requests so that web browser based clients can provide authDate: with the date and time to decode Authorization.

    2) Add the CORS header to all http responses from the Remote API. This appears to be 5 lines of code according to enable-cors, but I do not know the details of of the Microsoft-HTTPAPI implementation inside of dedicated server
    * Example .NET code and details here: https://enable-cors.org/server_aspnet.html


    In the mean time, I am working on a local proxy that will both serve up my web app and proxy the API requests. My local proxy will:
    * convert my authDate to the expected Date header to send along to the dedicated server.
    * Since I will be doing a proxy request for the webapp code and relaying all requests to the real API through the same hostname + port, I'll be able to skip the requirement for CORS

    Though I'm confident I'll get that working, the two proposed solutions above will make it considerably easier for existing web developers to talk to the Remote API service.
     
  2. Ronin1973 Master Engineer

    Messages:
    4,964
    Have you tried posting this on the support board or mentioning it in the Discord group? It probably won't get the attention of any developers on this forum.
     
  3. mccorkle Trainee Engineer

    Messages:
    26
    I have not pinged the discord yet. I put it here since I knew Keen was busy working to get the econ release out today :)

    If I haven't heard anything back by mid next week, I'll start posting in discord and the main support sight.
     
Thread Status:
This last post in this thread was made more than 31 days old.