Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Simplified Javascript Access #8

Closed
robwlakes opened this issue Jul 6, 2014 · 11 comments
Closed

Simplified Javascript Access #8

robwlakes opened this issue Jul 6, 2014 · 11 comments

Comments

@robwlakes
Copy link

Hi Marco,

I have been using your aREST library and admire your work. Thanks! I was keen not to have to add any thing to my browser's capability or set up anything to do with PHP on servers etc. That end I have worked out a way to allow Javascript to access the aREST commands using the XMLHttpRequest(). It looked ideal but threw errors as the browser was rejecting it Arduino on the basis it did not share its domain. I have discovered that adding the line

client.println(F("Access-Control-Allow-Origin: *"));

into the header allowed me access, and I did develop my simplified web page access.

I am a newbie to GitHub so I am not sure how to go about all this. I would like to submit my web page if you are interested for your perusal.

I am not sure how much this change to the header might compromise security generally (it appears to only involve the Arduino end?) or whether using the API was the answer to this problem. I will be interest to hear your comments.

Rob Ward

File: aREST.h
.......
template
void send_http_headers(T client){
client.println(F("HTTP/1.1 200 OK"));
client.println(F("Content-Type: application/json"));
client.println(F("Access-Control-Allow-Origin: *"));
client.println(F("Connection: close"));
client.println();
}
@prologic
Copy link

prologic commented Jul 6, 2014

Rob could you elaborate a bit more on your problem?

The issue I have with adding this (I use aREST too)
is that this adds (at least) an additional 30 byte overhead to the
library and it's flash storage requirements.

As it stands now depending on what you're doing it's becoming
qutie hard to use aREST on Arduino(s) with 32kB of flash :/

My solution to your particular problem I would solve another way
if I were you... That is to proxy the requests.

cheers
James

James Mills / prologic

E: prologic@shortcircuit.net.au
W: prologic.shortcircuit.net.au

@robwlakes
Copy link
Author

Thanks for your suggestions James,

However the 30 byte overhead in my case is not much of a percentage
increase on top of 25792bytes the whole program takes up, to get the
convenience of a "simple to design browser/Javascript front end". Doing
without mdns saved me 1224bytes (I cut it to see what memory it used,
and I don't intend to use it at this stage).

I think my suggestion will offer considerable benefits for a small cost.
If memory does become limited then I would be targeting other things
myself eg mdns.

So I don't have a problem to elaborate on now. I am just offering to
contribute an alternative solution that works for me, and others may
like to use it. The line in the header could be present, but commented
out, and used if that's where people want to go. As I see it most of
the interesting logic for this project (remote control of a cat door and
feeding tray) will come from my javascript in the web page, not a great
deal more code at the Arduino end of things.

Cheers,

Rob Ward
Lake Tyers Beach, 3909
Lake Tyers Beach Website http://www.laketyersbeach.net.au
XP to XUbuntu - The journey, join me!
http://www.laketyersbeach.net.au/XP2XU.html

@prologic
Copy link

prologic commented Jul 7, 2014

Yeah that's fine but we need to optimize the overall size of the aREST library. See Issue #3 because for one of my projects involving the Adafruit Motor Shield I basically run out of Flash (and I believe RAM).

@robwlakes
Copy link
Author

Ah ha, fair enough James. I can see the aREST would be a very
attractive package to extend, especially with custom features you might
like to add compared to my simple needs at the moment ie open door and
close door, and replace eaten food. I would expect maybe just a couple
of trigger or control lines from a a few ports on the Arduino would be
enough for my purposes.

I may be wrong but there could be others who may find my approach useful
and even if it is just outlined as an option in the repository it could
help a few people out who's needs are simple like mine. Just broaden
the spectrum of users.

I have had a look over the rest of the project and the standard of the
programming and support code (html+code+css etc) is very high and
polished. I would love to say I can help you trim it (rather than
making suggestions that go in the opposite direction), but my skills are
fairly basic, and unless I follow the KISS principle I quickly flounder.

Anyway I would like to contribute something for benefits I have got thus
far, so I am hoping you guys will include my efforts at some stage.

Rob Ward
Lake Tyers Beach, 3909
Lake Tyers Beach Website http://www.laketyersbeach.net.au
XP to XUbuntu - The journey, join me!
http://www.laketyersbeach.net.au/XP2XU.html

On 07/07/14 21:00, James Mills wrote:

Yeah that's fine but we need to optimize the overall size of the aREST
library. See Issue #3
#3 because for one of
my projects involving the Adafruit Motor Shield I basically run out of
Flash (/and I believe RAM/).


Reply to this email directly or view it on GitHub
#8 (comment).

@marcoschwartz marcoschwartz mentioned this issue Sep 8, 2014
Closed
@tarmo888
Copy link

It seems to me that it should be a basic feature to be able to make rest api calls straight from web browser javascript code. Limiting the calls to go through proxy because 30 bytes seems overkill.

@robwlakes
Copy link
Author

On 14/10/14 11:35, tarmo888 wrote:

It seems to me that it should be a basic feature to be able to make
rest api calls straight from web browser javascript code. Limiting the
calls to go through proxy because 30 bytes seems overkill.


Reply to this email directly or view it on GitHub
#8 (comment).

Agreed, but I can understand Marcos wanting to make it comprehensive
(lots of features eg functions,analogue and digital features) and simple
to set up (eg name look ups etc). However at the tinkering level, lean
and mean is also good. I just cut the MDNS feature to make more room.
Just making it clear in comments that is is an option would save a lot
of people frustration. Anyway it is a good design and well worthy of
consideration in projects.

@marcoschwartz
Copy link
Owner

Old issue, headers have been added to aREST now, closing this :)

@wblaircox
Copy link

wblaircox commented Apr 28, 2016
edited

Hi Marco, sorry to dig this one up. But while I see the header information has been added, I'm getting the same access error;

XMLHttpRequest cannot load https://cloud.arest.io/xxxxx. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'file://' is therefore not allowed access.

I'm creating a quick and dirty JS mockup and I'm trying to consume the output as JSON. Any thoughts?

Cheers,
Blair

@robwlakes
Copy link
Author

I have come across this and I believe I solved the problem, however
Marcus did not accept it, so I only offer it as an idea.

Have a look at what I did https://github.com/robwlakes/aREST only one
line needed to be changed to the header.

It maybe useful to you, it may not.

Cheers, Rob

On 28/04/16 23:31, wblaircox wrote:

Hi Marco, sorry to did this one up. But while I see the header
information has been added, I'm getting the same access error;

XMLHttpRequest cannot load https://cloud.arest.io/xxxxx. No
'Access-Control-Allow-Origin' header is present on the requested
resource. Origin 'file://' is therefore not allowed access.


You are receiving this because you authored the thread.
Reply to this email directly or view it on GitHub
#8 (comment)

Rob Ward
Lake Tyers Beach, 3909
Lake Tyers Beach Website http://www.laketyersbeach.net.au
XP to XUbuntu http://www.laketyersbeach.net.au/XP2XU.html

@marcoschwartz
Copy link
Owner

Hi Rob, can you link to the pull request you mentioned? Can't seem to find it :)

@robwlakes
Copy link
Author

Hi Marco,

Sorry I am not up with GITHub procedures so I think I just cloned it,
and made a few very simple modifications but did not submit a proper
pull request etc

Due more to the fact I thought it was a very basic addition and you
could add the extra line or so in OK

Here is my original GITHub link.
https://github.com/robwlakes/aREST/blob/master/README.md

and the line I added...

client.println(F("Access-Control-Allow-Origin: *"));//Allows Browsers to
accept the returned information

It basically allows javascript and Adroid apps to access the server with
"GET" commands or the equivalent.

I have tried to find my examples and I suspect I may have lost them in
laptops melt down about 4 months ago. I think I have the two main files
attached.

Fortunately I still have my MIT App builder project for Android that I
developed as well that uses the change in the aRest. I can get the
details of that to you somehow if you are interested.

Screen shot of the Android App.

With any luck these maybe useful to you.

Cheers, Rob

On 08/05/16 04:03, marcoschwartz wrote:

Hi Rob, can you link to the pull request you mentioned? Can't seem to
find it :)


You are receiving this because you authored the thread.
Reply to this email directly or view it on GitHub
#8 (comment)

Rob Ward
Lake Tyers Beach, 3909
Lake Tyers Beach Website http://www.laketyersbeach.net.au
XP to XUbuntu http://www.laketyersbeach.net.au/XP2XU.html

@apetitjean apetitjean mentioned this issue Jul 16, 2018
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@tarmo888 @prologic @marcoschwartz @robwlakes @wblaircox