summaryrefslogtreecommitdiffstats
path: root/archives/extend/attachments/20131009/7c03cefc/attachment.html
blob: 6870f93946f5d26453d1099d6f1ba9bb4f10d189 (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67

<tt>
&lt;html&gt;&lt;head&gt;&lt;meta&nbsp;http-equiv=&quot;Content-Type&quot;&nbsp;content=&quot;text/html&nbsp;charset=iso-8859-1&quot;&gt;&lt;/head&gt;&lt;body&nbsp;style=&quot;word-wrap:&nbsp;break-word;&nbsp;-webkit-nbsp-mode:&nbsp;space;&nbsp;-webkit-line-break:&nbsp;after-white-space;&nbsp;&quot;&gt;Essentially,&nbsp;the&nbsp;REST&nbsp;service&nbsp;endpoint&nbsp;would&nbsp;be&nbsp;on&nbsp;&lt;a&nbsp;href=&quot;http://widgets.net&quot;&gt;widgets.net&lt;/a&gt;&nbsp;while&nbsp;the&nbsp;clients&nbsp;website,&nbsp;in&nbsp;this&nbsp;case&nbsp;&lt;a&nbsp;href=&quot;http://things.com&quot;&gt;things.com&lt;/a&gt;,&nbsp;has&nbsp;a&nbsp;JavaScript&nbsp;that&nbsp;makes&nbsp;an&nbsp;AJAX&nbsp;call&nbsp;to&nbsp;&lt;a&nbsp;href=&quot;http://widgets.net&quot;&gt;widgets.net&lt;/a&gt;.&nbsp;&nbsp;The&nbsp;account&nbsp;on&nbsp;&lt;a&nbsp;href=&quot;http://widgets.net&quot;&gt;widgets.net&lt;/a&gt;&nbsp;for&nbsp;&lt;a&nbsp;href=&quot;http://things.com&quot;&gt;things.com&lt;/a&gt;&nbsp;will&nbsp;have&nbsp;the&nbsp;&lt;a&nbsp;href=&quot;http://things.com&quot;&gt;things.com&lt;/a&gt;&nbsp;domain&nbsp;registered&nbsp;to&nbsp;its&nbsp;account,&nbsp;so&nbsp;that&nbsp;&lt;a&nbsp;href=&quot;http://widgets.net&quot;&gt;widgets.net&lt;/a&gt;&nbsp;can&nbsp;check&nbsp;to&nbsp;see&nbsp;if&nbsp;the&nbsp;request&nbsp;is&nbsp;coming&nbsp;from&nbsp;an&nbsp;expected&nbsp;domain.&lt;div&gt;&lt;br&gt;&lt;/div&gt;&lt;div&gt;Thanks,&lt;/div&gt;&lt;div&gt;Lee&lt;/div&gt;&lt;div&gt;&lt;br&gt;&lt;/div&gt;&lt;div&gt;&lt;br&gt;&lt;div&gt;&lt;div&gt;On&nbsp;9&nbsp;Oct&nbsp;2013,&nbsp;at&nbsp;16:51,&nbsp;Nathan&nbsp;Michaels&nbsp;&lt;&lt;a&nbsp;href=&quot;mailto:[email protected]&quot;&gt;[email protected]&lt;/a&gt;&gt;&nbsp;wrote:&lt;/div&gt;&lt;br&nbsp;class=&quot;Apple-interchange-newline&quot;&gt;&lt;blockquote&nbsp;type=&quot;cite&quot;&gt;&lt;div&nbsp;dir=&quot;ltr&quot;&gt;Is&nbsp;the&nbsp;client&nbsp;making&nbsp;the&nbsp;request&nbsp;to&nbsp;your&nbsp;service&nbsp;on&nbsp;&lt;a&nbsp;href=&quot;http://widgets.net/&quot;&gt;widgets.net&lt;/a&gt;&nbsp;because&nbsp;&lt;a&nbsp;href=&quot;http://things.com/&quot;&gt;things.com&lt;/a&gt;&nbsp;sent&nbsp;them&nbsp;there,&nbsp;or&nbsp;is&nbsp;&lt;a&nbsp;href=&quot;http://things.com/&quot;&gt;things.com&lt;/a&gt;&nbsp;making&nbsp;the&nbsp;request&nbsp;directly&nbsp;on&nbsp;behalf&nbsp;of&nbsp;the&nbsp;client?&nbsp;The&nbsp;first&nbsp;is&nbsp;what&nbsp;Lo�c&nbsp;is&nbsp;talking&nbsp;about.&nbsp;The&nbsp;second&nbsp;is&nbsp;the&nbsp;source&nbsp;IP&nbsp;of&nbsp;the&nbsp;request,&nbsp;which&nbsp;you&nbsp;can&nbsp;definitely&nbsp;get.&lt;/div&gt;<br>
<br>
&lt;div&nbsp;class=&quot;gmail_extra&quot;&gt;&lt;br&gt;&lt;br&gt;&lt;div&nbsp;class=&quot;gmail_quote&quot;&gt;On&nbsp;Wed,&nbsp;Oct&nbsp;9,&nbsp;2013&nbsp;at&nbsp;11:32&nbsp;AM,&nbsp;Lo�c&nbsp;Hoguin&nbsp;&lt;span&nbsp;dir=&quot;ltr&quot;&gt;&lt;&lt;a&nbsp;href=&quot;mailto:[email protected]&quot;&nbsp;target=&quot;_blank&quot;&gt;[email protected]&lt;/a&gt;&gt;&lt;/span&gt;&nbsp;wrote:&lt;br&gt;&lt;blockquote&nbsp;class=&quot;gmail_quote&quot;&nbsp;style=&quot;margin:0&nbsp;0&nbsp;0&nbsp;.8ex;border-left:1px&nbsp;#ccc&nbsp;solid;padding-left:1ex&quot;&gt;<br>
<br>
In&nbsp;short:&nbsp;you&nbsp;can't.&lt;br&gt;<br>
&lt;br&gt;<br>
Browsers&nbsp;may&nbsp;send&nbsp;origin/referer/..&nbsp;headers&nbsp;depending&nbsp;on&nbsp;the&nbsp;type&nbsp;of&nbsp;request,&nbsp;but&nbsp;you&nbsp;can't&nbsp;rely&nbsp;on&nbsp;them&nbsp;to&nbsp;be&nbsp;real&nbsp;or&nbsp;even&nbsp;just&nbsp;there.&lt;div&nbsp;class=&quot;HOEnZb&quot;&gt;&lt;div&nbsp;class=&quot;h5&quot;&gt;&lt;br&gt;<br>
&lt;br&gt;<br>
On&nbsp;10/09/2013&nbsp;05:30&nbsp;PM,&nbsp;Lee&nbsp;Sylvester&nbsp;wrote:&lt;br&gt;<br>
&lt;blockquote&nbsp;class=&quot;gmail_quote&quot;&nbsp;style=&quot;margin:0&nbsp;0&nbsp;0&nbsp;.8ex;border-left:1px&nbsp;#ccc&nbsp;solid;padding-left:1ex&quot;&gt;<br>
Thank&nbsp;you.&nbsp;&nbsp;I&nbsp;couldn't&nbsp;work&nbsp;out&nbsp;if&nbsp;that's&nbsp;the&nbsp;host&nbsp;being&nbsp;called&nbsp;from&nbsp;or&nbsp;the&nbsp;host&nbsp;name&nbsp;in&nbsp;the&nbsp;request.&nbsp;&nbsp;For&nbsp;example,&nbsp;a&nbsp;store&nbsp;called&nbsp;&lt;a&nbsp;href=&quot;http://things.com/&quot;&nbsp;target=&quot;_blank&quot;&gt;things.com&lt;/a&gt;&nbsp;makes&nbsp;a&nbsp;request&nbsp;to&nbsp;my&nbsp;service&nbsp;on&nbsp;&lt;a&nbsp;href=&quot;http://widgets.net/&quot;&nbsp;target=&quot;_blank&quot;&gt;widgets.net&lt;/a&gt;.&nbsp;&nbsp;I&nbsp;need&nbsp;to&nbsp;see&nbsp;that&nbsp;the&nbsp;request&nbsp;is&nbsp;made&nbsp;FROM&nbsp;&lt;a&nbsp;href=&quot;http://things.com/&quot;&nbsp;target=&quot;_blank&quot;&gt;things.com&lt;/a&gt;&nbsp;for&nbsp;validation&nbsp;purposes.&nbsp;Is&nbsp;it&nbsp;correct&nbsp;that&nbsp;host&nbsp;will&nbsp;provide&nbsp;this?&lt;br&gt;<br>
<br>
<br>
&lt;br&gt;<br>
Thanks,&lt;br&gt;<br>
Lee&lt;br&gt;<br>
&lt;br&gt;<br>
Sent&nbsp;from&nbsp;my&nbsp;iPhone&lt;br&gt;<br>
&lt;br&gt;<br>
&lt;blockquote&nbsp;class=&quot;gmail_quote&quot;&nbsp;style=&quot;margin:0&nbsp;0&nbsp;0&nbsp;.8ex;border-left:1px&nbsp;#ccc&nbsp;solid;padding-left:1ex&quot;&gt;<br>
On&nbsp;Oct&nbsp;9,&nbsp;2013,&nbsp;at&nbsp;2:31&nbsp;PM,&nbsp;Lo�c&nbsp;Hoguin&nbsp;&lt;&lt;a&nbsp;href=&quot;mailto:[email protected]&quot;&nbsp;target=&quot;_blank&quot;&gt;[email protected]&lt;/a&gt;&gt;&nbsp;wrote:&lt;br&gt;<br>
&lt;br&gt;<br>
cowboy_req:host/1?&lt;br&gt;<br>
&lt;br&gt;<br>
Please&nbsp;use&nbsp;the&nbsp;nice&nbsp;manual&nbsp;we&nbsp;have&nbsp;now.&lt;br&gt;<br>
&lt;br&gt;<br>
&nbsp;&nbsp;&lt;a&nbsp;href=&quot;http://ninenines.eu/docs/en/cowboy/HEAD/manual/cowboy_req&quot;&nbsp;target=&quot;_blank&quot;&gt;http://ninenines.eu/docs/en/&lt;u&gt;&lt;/u&gt;cowboy/HEAD/manual/cowboy_req&lt;/a&gt;&lt;br&gt;<br>
&lt;br&gt;<br>
&lt;blockquote&nbsp;class=&quot;gmail_quote&quot;&nbsp;style=&quot;margin:0&nbsp;0&nbsp;0&nbsp;.8ex;border-left:1px&nbsp;#ccc&nbsp;solid;padding-left:1ex&quot;&gt;<br>
On&nbsp;10/09/2013&nbsp;03:27&nbsp;PM,&nbsp;Lee&nbsp;Sylvester&nbsp;wrote:&lt;br&gt;<br>
Hi,&lt;br&gt;<br>
&lt;br&gt;<br>
When&nbsp;receiving&nbsp;a&nbsp;Cowboy&nbsp;request,&nbsp;is&nbsp;there&nbsp;a&nbsp;way&nbsp;to&nbsp;find&nbsp;out&nbsp;which&nbsp;hostname&nbsp;the&nbsp;user&nbsp;made&nbsp;the&nbsp;request&nbsp;from?&nbsp;&nbsp;I'm&nbsp;using&nbsp;CORS&nbsp;in&nbsp;my&nbsp;REST&nbsp;and&nbsp;Bullet&nbsp;app,&nbsp;where&nbsp;each&nbsp;call&nbsp;can&nbsp;be&nbsp;made&nbsp;through&nbsp;a&nbsp;given&nbsp;account.&nbsp;&nbsp;However,&nbsp;I'd&nbsp;like&nbsp;to&nbsp;be&nbsp;able&nbsp;to&nbsp;lock&nbsp;requests&nbsp;for&nbsp;each&nbsp;account&nbsp;to&nbsp;a&nbsp;designated&nbsp;hostname&nbsp;to&nbsp;protect&nbsp;that&nbsp;users&nbsp;account&nbsp;usage.&lt;br&gt;<br>
<br>
<br>
&lt;br&gt;<br>
Thanks,&lt;br&gt;<br>
Lee&lt;br&gt;<br>
&lt;br&gt;<br>
______________________________&lt;u&gt;&lt;/u&gt;_________________&lt;br&gt;<br>
Extend&nbsp;mailing&nbsp;list&lt;br&gt;<br>
&lt;a&nbsp;href=&quot;mailto:[email protected]&quot;&nbsp;target=&quot;_blank&quot;&gt;[email protected]&lt;/a&gt;&lt;br&gt;<br>
&lt;a&nbsp;href=&quot;http://lists.ninenines.eu:81/listinfo/extend&quot;&nbsp;target=&quot;_blank&quot;&gt;http://lists.ninenines.eu:81/&lt;u&gt;&lt;/u&gt;listinfo/extend&lt;/a&gt;&lt;br&gt;<br>
&lt;/blockquote&gt;<br>
&lt;br&gt;<br>
&lt;br&gt;<br>
--&lt;br&gt;<br>
Lo�c&nbsp;Hoguin&lt;br&gt;<br>
Erlang&nbsp;Cowboy&lt;br&gt;<br>
Nine&nbsp;Nines&lt;br&gt;<br>
&lt;a&nbsp;href=&quot;http://ninenines.eu/&quot;&nbsp;target=&quot;_blank&quot;&gt;http://ninenines.eu&lt;/a&gt;&lt;br&gt;<br>
&lt;/blockquote&gt;&lt;/blockquote&gt;<br>
&lt;br&gt;<br>
&lt;br&gt;<br>
--&nbsp;&lt;br&gt;<br>
Lo�c&nbsp;Hoguin&lt;br&gt;<br>
Erlang&nbsp;Cowboy&lt;br&gt;<br>
Nine&nbsp;Nines&lt;br&gt;<br>
&lt;a&nbsp;href=&quot;http://ninenines.eu/&quot;&nbsp;target=&quot;_blank&quot;&gt;http://ninenines.eu&lt;/a&gt;&lt;br&gt;<br>
______________________________&lt;u&gt;&lt;/u&gt;_________________&lt;br&gt;<br>
Extend&nbsp;mailing&nbsp;list&lt;br&gt;<br>
&lt;a&nbsp;href=&quot;mailto:[email protected]&quot;&nbsp;target=&quot;_blank&quot;&gt;[email protected]&lt;/a&gt;&lt;br&gt;<br>
&lt;a&nbsp;href=&quot;http://lists.ninenines.eu:81/listinfo/extend&quot;&nbsp;target=&quot;_blank&quot;&gt;http://lists.ninenines.eu:81/&lt;u&gt;&lt;/u&gt;listinfo/extend&lt;/a&gt;&lt;br&gt;<br>
&lt;/div&gt;&lt;/div&gt;&lt;/blockquote&gt;&lt;/div&gt;&lt;br&gt;&lt;/div&gt;<br>
_______________________________________________&lt;br&gt;Extend&nbsp;mailing&nbsp;list&lt;br&gt;&lt;a&nbsp;href=&quot;mailto:[email protected]&quot;&gt;[email protected]&lt;/a&gt;&lt;br&gt;http://lists.ninenines.eu:81/listinfo/extend&lt;br&gt;&lt;/blockquote&gt;&lt;/div&gt;&lt;br&gt;&lt;/div&gt;&lt;/body&gt;&lt;/html&gt;
</tt>
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-26 15:02:29 +0000