[Ovmsdev] Twizy feature ideas

Michael Balzer dexter at expeedo.de
Mon Jun 9 05:52:52 HKT 2014


Nikolay,

I don't need CORS for the auth, that's already working without.

I would need CORS to automatically process the data. And I'd like to do 
it with minimal changes to the existing API server.

My CORS research result was:

    maybe AnyEvent::HTTPD has some CORS support yet?

    If not, these are the headers:

    Access-Control-Allow-Methods "POST, GET, PUT, OPTIONS, PATCH, DELETE"

    Access-Control-Allow-Origin "*$ORIGIN*"

    Access-Control-Allow-Credentials "true"

    Access-Control-Allow-Headers "X-Accept-Charset,X-Accept,Content-Type"


    ...static values except for the "ORIGIN" variable, which needs to
    echo back the "Origin:" header from the request. I'm not familiar
    with AnyEvent::HTTPD, maybe something like

    $req->header('Origin')


    There's a bit more to do: method OPTIONS also needs to be supported
    for "preflight requests" (access control negotiation), see
    https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS for
    detailed request/response examples.

    I suppose that will need a separate handler function, but one for
    the /api root should be sufficient.


Btw, methods "PUT", "PATCH" + "DELETE" can be omitted I think.

But if you'd like to build a Node.js based solution, go ahead, sounds 
cool :-)

Regards,
Michael



Am 07.06.2014 23:37, schrieb Nikolay Shishkov:
> Hi Michael,
>
> I think what you have done with the html page is crying for the CORS 
> and an angularjs, single page app.
> Here is an open source project with such app that could "easily" be 
> modified to do the work.
> Check out a working sample here:
> http://angular-client-side-auth.herokuapp.com/login/
>
> Nikolay
>
>
> On Saturday, June 7, 2014 12:42 AM, Nikolay Shishkov 
> <nshishkov at yahoo.com> wrote:
>
>
> I believe the following two headers should do it:
> Access-Control-Allow-Origin: *
> Access-Control-Allow-Credentials: true
>
> But needs to be tested.
>
>
> On Friday, June 6, 2014 2:31 PM, Mark Webb-Johnson 
> <mark at webb-johnson.net> wrote:
>
>
> Bug squished. Live on tmc now (and pushed to github).
>
> Neat web page. Shows promise.
>
> Regarding the CORS, I'm very willing to make the changes - just not 
> really sure what headers exactly need to be added. Anyone here know 
> what I would need to add?
>
> Regards, Mark.
>
> On 6 Jun, 2014, at 3:03 pm, Michael Balzer <dexter at expeedo.de 
> <mailto:dexter at expeedo.de>> wrote:
>
> Nikolay,
>
> you found an API server bug :-)
>
> Solution: delete all domain cookies for "openvehicles.com 
> <http://openvehicles.com/>" from your browser before using the API.
>
> The API server gets confused by multiple cookies. If you visit 
> www.openvehicles.com <http://www.openvehicles.com/> before using the 
> API, you get a persistent PHP session cookie like this:
>
> Name SESS619b2b3f204291df32506531f8b446dd
> Host    .openvehicles.com <http://openvehicles.com/>
> Pfad    /
>
> As the host defines ".openvehicles.com <http://openvehicles.com/>" and 
> path "/", this cookie also gets sent to the API host, which then 
> confuses this one with the "ovmsapisession" cookie, i.e.
>
> Name    ovmsapisession
> Host tmc.openvehicles.com <http://tmc.openvehicles.com/>
> Pfad    /api/
>
> Regards,
> Michael
>
>
> Am 05.06.2014 23:46, schrieb Nikolay Shishkov:
>> Thanks Michael,
>> I am getting "login ok" when pressing on the login button, but then 
>> all the other buttons are giving "authentication error" message.
>> I could check that the cookie is sent with the request, but the 
>> server seems to respond with the 400 code.
>> I tried in Chrome. Where, how do you use the page?
>> Nikolay
>>
>>
>> On Thursday, June 5, 2014 10:59 PM, Michael Balzer 
>> <dexter at expeedo.de> <mailto:dexter at expeedo.de> wrote:
>>
>>
>> Nikolay,
>>
>> that's right, I intend to get this running without an otherwise 
>> necessary proxy, i.e. for local HTML pages on mobile devices or the 
>> like. I've been in contact with Mark about CORS on the perl server.
>>
>> A server could of course be used, most simply the HTTP API itself 
>> could deliver the client page, but CORS should now enable to cope 
>> without and open possible cross origin data/control integrations. Not 
>> sure about static pages for this though, not yet tested. I think it 
>> would be cool to just load some HTML file in your browser and have a 
>> graphical OVMS client.
>>
>> The "code" is currently just a first test bed HTML page to interact 
>> with the HTTP API. No graphics, just a simple table view. Works, but 
>> is clumsy as hell.
>>
>> Try yourself, I've attached it.
>>
>> Regards,
>> Michael
>>
>>
>> Am 05.06.2014 11:26, schrieb Nikolay Shishkov:
>>> Hi Michael,
>>>
>>> I am very interested in the "Browser client using HTTP API and 
>>> jQuery/Flot for visualization". From the comment that CORS is needed 
>>> I suspect you want to have the html5 page locally and then fetch 
>>> data from the server while using other sources for context data.
>>> Have you considered running this on a separate server that serves as 
>>> a gateway to the TMC server?
>>>
>>> Have you uploaded the code somewhere?
>>>
>>> I have been playing around with C# client and was thinking of using 
>>> it on an asp.net <http://asp.net/> server...
>>>
>>> Nikolay
>>>
>>>
>>> On Wednesday, June 4, 2014 11:22 PM, Michael Balzer 
>>> <dexter at expeedo.de> <mailto:dexter at expeedo.de> wrote:
>>>
>>>
>>> Am 04.06.2014 07:38, schrieb Gianluca Magalotti:
>>> > For nice2have features I'll wait for your list (I have my personal
>>> > list too but maybe we'll have a later focus on that)
>>>
>>> So here it is.
>>>
>>> If other Twizy drivers would like to add their ideas, you're welcome.
>>>
>>> I'll do my best to check new ideas against my collected knowledge of
>>> what's possible up to now and give you some feedback.
>>>
>>>
>>> Regards,
>>> Michael
>>>
>>>
>>> -- 
>>> Michael Balzer * Paradestr. 8 * D-42107 Wuppertal
>>> Fon 0202 / 272 2201 * Handy 0176 / 206 989 26
>>>
>>>
>>>
>>> _______________________________________________
>>> OvmsDev mailing list
>>> OvmsDev at lists.teslaclub.hk <mailto:OvmsDev at lists.teslaclub.hk>
>>> http://lists.teslaclub.hk/mailman/listinfo/ovmsdev
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> OvmsDev mailing list
>>> OvmsDev at lists.teslaclub.hk  <mailto:OvmsDev at lists.teslaclub.hk>
>>> http://lists.teslaclub.hk/mailman/listinfo/ovmsdev
>>
>> -- 
>> Michael Balzer * Paradestr. 8 * D-42107 Wuppertal
>> Fon 0202 / 272 2201 * Handy 0176 / 206 989 26
>>
>> _______________________________________________
>> OvmsDev mailing list
>> OvmsDev at lists.teslaclub.hk <mailto:OvmsDev at lists.teslaclub.hk>
>> http://lists.teslaclub.hk/mailman/listinfo/ovmsdev
>>
>>
>>
>>
>> _______________________________________________
>> OvmsDev mailing list
>> OvmsDev at lists.teslaclub.hk  <mailto:OvmsDev at lists.teslaclub.hk>
>> http://lists.teslaclub.hk/mailman/listinfo/ovmsdev
>
>
> -- 
> Michael Balzer * Paradestr. 8 * D-42107 Wuppertal
> Fon 0202 / 272 2201 * Handy 0176 / 206 989 26
> _______________________________________________
> OvmsDev mailing list
> OvmsDev at lists.teslaclub.hk <mailto:OvmsDev at lists.teslaclub.hk>
> http://lists.teslaclub.hk/mailman/listinfo/ovmsdev
>
>
> _______________________________________________
> OvmsDev mailing list
> OvmsDev at lists.teslaclub.hk <mailto:OvmsDev at lists.teslaclub.hk>
> http://lists.teslaclub.hk/mailman/listinfo/ovmsdev
>
>
>
>
>
>
> _______________________________________________
> OvmsDev mailing list
> OvmsDev at lists.teslaclub.hk
> http://lists.teslaclub.hk/mailman/listinfo/ovmsdev

-- 
Michael Balzer * Paradestr. 8 * D-42107 Wuppertal
Fon 0202 / 272 2201 * Handy 0176 / 206 989 26

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openvehicles.com/pipermail/ovmsdev/attachments/20140608/77d16edd/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dexter.vcf
Type: text/x-vcard
Size: 206 bytes
Desc: not available
URL: <http://lists.openvehicles.com/pipermail/ovmsdev/attachments/20140608/77d16edd/attachment-0002.vcf>


More information about the OvmsDev mailing list