Log message #4193566

# At Username Text
# Jul 16th 2019, 17:26 devito are you using any implementation of oauth2? Cause you can leverage the Client grant flow for this.
# Jul 16th 2019, 17:24 devito ahh
# Jul 16th 2019, 17:23 maxxstyle06 Yes
# Jul 16th 2019, 17:23 itmpls so you control both domains?
# Jul 16th 2019, 17:23 maxxstyle06 To my main domain which uses cakephp
# Jul 16th 2019, 17:23 maxxstyle06 That is not using cakephp
# Jul 16th 2019, 17:23 maxxstyle06 I’m trying to send external data from external url
# Jul 16th 2019, 17:22 maxxstyle06 Sorry for late
# Jul 16th 2019, 17:13 itmpls i think you might be overthinking it
# Jul 16th 2019, 17:13 devito what exactly are you trying to secure max?
# Jul 16th 2019, 17:13 itmpls that's how a lot of external calls are done though, on lots of sites you use.. through ajax. it's just an in-page http request
# Jul 16th 2019, 17:12 maxxstyle06 Because ajax shows all datas in browser
# Jul 16th 2019, 17:12 ricksaccous i'm actually probably not really qualified to help because my experience writing APIs is minimal and each time i made it very simplistic
# Jul 16th 2019, 17:12 maxxstyle06 But I’m afraid that ajax will show it
# Jul 16th 2019, 17:11 maxxstyle06 People suggested me jwt
# Jul 16th 2019, 17:11 ricksaccous lol
# Jul 16th 2019, 17:11 ricksaccous no i dunno
# Jul 16th 2019, 17:11 maxxstyle06 Modicrumb do you have an idea ?
# Jul 16th 2019, 17:11 maxxstyle06 Yes but it’s ajax for same domain not verify external urls
# Jul 16th 2019, 17:11 ricksaccous i think you can use tokens to verify whatever, doesn't have to be login
# Jul 16th 2019, 17:10 devito doesnt the cookbook have a way to post tokens via ajax? Could have sworn i seen that in there. Maybe you can leverage that?
# Jul 16th 2019, 17:10 maxxstyle06 My api doesnt need login
# Jul 16th 2019, 17:10 maxxstyle06 Yes but isn’t token just for login?
# Jul 16th 2019, 17:10 ricksaccous i dunno
# Jul 16th 2019, 17:10 ricksaccous create some token and send it over? verify it on the other side?
# Jul 16th 2019, 17:09 maxxstyle06 Now I’m trying to find for alternatives for those components
# Jul 16th 2019, 17:09 maxxstyle06 People will cheat
# Jul 16th 2019, 17:08 maxxstyle06 But it’s not secure you know
# Jul 16th 2019, 17:08 maxxstyle06 yes now I disabled components for that
# Jul 16th 2019, 17:08 ricksaccous disable the components for that action?
# Jul 16th 2019, 17:08 maxxstyle06 But I failed! For the first time !
# Jul 16th 2019, 17:08 maxxstyle06 This error drove me crazy :( I have been searching more than 1 month for solution
# Jul 16th 2019, 17:06 maxxstyle06 they are hard to deal with when trying to send external post request to domain
# Jul 16th 2019, 17:05 maxxstyle06 No it’s because of security + csrf components
# Jul 16th 2019, 16:57 itmpls you'd have to whitelist that domain or use JSONP or other possible solutions
# Jul 16th 2019, 16:57 itmpls XSS?
# Jul 16th 2019, 16:57 itmpls 'blackholed'
# Jul 16th 2019, 16:54 maxxstyle06 hello please I have a problem in cakephp , so I want to send ajax post from an external website , but it keeps giving me the request has been blackholed. please I have been searching for more than 1 month to find solution for it but with no success. thanks in advance
# Jul 16th 2019, 16:45 maxxstyle06 I’m new here!
# Jul 16th 2019, 16:45 maxxstyle06 Hello everyone
# Jul 16th 2019, 15:32 ricksaccous as long as you let it try to save even if you ->getErrors you should be fine