List of Posts written during Aug 2022

This is a list of of posts written during the month Aug 2022
(Rev. 18-Aug-2022)

Categories | About |     |  

List of Posts

This is the complete list of categories of posts written during Aug 2022. They have been ordered by the publish date, with the most recent first.

  1. Published: 02-Aug-2022
    Social media based authentication requires us to create an oauth app on a social media platform such as google, facebook, twitter, github. This app provides us a client id and a client secret key for use in various classes that provide social media integration. In this tutorial we have a walkthrough for creating an oauth app on the google cloud console. Steps for other social media are similar - so you can take them as an exercise.

  2. Published: 03-Aug-2022
    Social media based login provides a neat and user-friendly means of logging into your website. Users are more likely to trust this method because of the level of security provided by various social media platforms. It helps us simplify the sign-in process by delegating many complexities to social media platforms. In this tutorial we present a project that requires a user to login with his google account. Once he logs in, then he is shown his email-id, name and profile picture. We also explain persistence of cookie, i.e., how the user can be remembered, and also the signout scheme.

  3. Published: 05-Aug-2022
    WebApi can be protected through social media authentication also. The first step is to obtain a client id and a client secret by creating an app on a social media platform. Then these values are used to configure authentication services for that platform. In this tutorial we present the sequence of steps required to gain authorization to a web api protected by google authentication.

  4. Published: 11-Aug-2022
    We shall run two ASPNET Core apps concurrently - the first exposes a web API, whereas the other shows a web page containing two links - the first of these links causes a direct call to the web API, and the second fires an ajax based call through javascript. A direct call is not a cross-origin (CORS) call because its destination is visible in the browser, but a call that occurs through an invocation of XMLHttpRequest or fetch API is a cross-origin (CORS) call. We shall verify that a click on the first link succeeds, but the second link fails because a browser blocks cross-origin calls.

  5. Published: 12-Aug-2022
    In the previous tutorial, we demonstrated how a browser blocks cross-origin calls. So you must surely be wondering why cross-origin requests to CDN-hosted CSS files and fonts succeed. What's behind that success? Why do browsers permit some requests and block others? In this tutorial, we examine the reasons behind this. It will help us allow cross-origin requests in our ASPNET Core apps!

  6. Published: 16-Aug-2022
    An ASPNET Core application can permit cross-origin requests by adding "Access-Control-Allow-Origin" header to the HTTP response. Cross-origin requests are not allowed by default; they must be allowed explicitly. One way of doing it is by defining a suitable policy in the application pipeline. In this tutorial, we learn the steps required for this. We shall also learn how to define multiple policies so that each end-point can serve requests to its own set of origins.

  7. Published: 18-Aug-2022
    Static files are NOT accessible cross-origin if we call UseStaticFiles before UseCors. But if we reverse the order, every static file becomes accessible to permitted origins. So we have an all-or-none type of situation. CORS can either be disabled for every static file or disabled for none. This tutorial explains how to enable CORS for just a small subset of files, as done by the various CDN networks.