rand(Ø)

> beautiful code & photos

about <

Posts tagged: http

To rewind, or ! (to rewind)

Lately, I was missioned to integrate a vendor PHP SDK that is transport-agnostic as it implements HTTPlug. Pretty cool.

Everything went well until I found out that the SDK used a response reader method helper which is:

/**
 * @param ResponseInterface $response
 *
 * @return stdClass
 */
private function handleResponse(ResponseInterface $response)
{
    $this->setRateLimitDetails($response);

    $stream = $response->getBody()->getContents();

    return json_decode($stream);
}

First issue: I can't pick the response format, I'm forced to deal with the object deserialization version of the JSON payload. This is okay but not completely since the structure of the JSON may vary if my peers

> Continue Reading

CSP Header Hacking for Apache2

Hello,

I write here to report my latest dirty hack. Story—

While enforcing our HTTP server configuration at work, we are slowly implementing CSP policies and one of them allow Web browsers to report violations to a given endpoint.

At this moment, we are only at the reporting step of the implementation because the first time we attempted to roll this header out, it ended up breaking our staging env.

So, it's recommended to set the Content-Security-Policy-Report-Only header.

This header takes the report-uri directive which allows the browser to push the violation findings to a given endpoint.

For this example:

> Continue Reading

cURL: forward POST over HTTP redirections

Recently, I've been stuck on a Web service call that wouldn't be called as supposed to be. When having troubles with WS, it's very important to dump client request and server response.

Using cURL withing PHP, I couldn't understand why my code was building a POST request and cURL returned me a GET request instead when the URI was getting a 301 redirection.

Turned out that it was a configuration issue because the URI wasn't the right one. Thanks to the config team!

What cURL says

When curl follows a redirect and the request is not a plain GET (for
> Continue Reading