I'd like to be able to create new topics using the REST API from code stuck into the top of page. The use case for this is to provide a simple box where the user can type a short message and have it automatically placed into a fixed category. I used a Javascript XHR to mimic "Create Topic" as closely as possible, passing the csrf-token and cookies. The Post created by "Create Topic" works and generates a new topic as it should. My post, which looks pretty identical, does not generate an error or a log, it just fails silently. I thought I could get away without using the api key since this is from within the user's currently logged in session. Any thoughts?
Prototyped with the following code:
anHttpRequest.open( "POST", "/posts", true );
anHttpRequest.setRequestHeader("X-CSRF-Token", getMetaContent("csrf-token"));
anHttpRequest.setRequestHeader("X-Requested-With", "XMLHttpRequest");
anHttpRequest.setRequestHeader("Content-type","application/x-www-form-urlencoded");
anHttpRequest.send("raw=another+in+the+string+of+messages&is_warning=false&category=32&archetype=regular&title=and+again+and+again");
This generates an HTTP Post that is pretty much identical to what I see if I use Create Topic, except the new topic does not get created.
Remote Address:54.68.138.121:80
Request URL:http://dev.sennseis.com/posts
Request Method:POST
Status Code:200 OK
**Request Headers** view parsed
POST /posts HTTP/1.1
Host: dev.sennseis.com
Connection: keep-alive
Content-Length: 110
Origin: http://dev.sennseis.com
X-CSRF-Token: M+Cfdwd1RjaQcHO9gzg9aImTH+4Px8zYDYIoV7shJuE=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.101 Safari/537.36
Content-type: application/x-www-form-urlencoded
Accept: */*
Referer: http://dev.sennseis.com/c/help-requests
Accept-Encoding: gzip,deflate
Accept-Language: en-US,en;q=0.8
Cookie: guidedTour=hide; SS_MID=6bf6d0c6-ea2f-4ece-8490-9f32a4833225i10u1rhs; ss_cid=da26a397-3728-4bbc-b1e6-edd79c421bc7; _t=f044cfefc86de3779b1f25b44ed79c38; _gat=1; _ga=GA1.2.831699875.1412601719; _forum_session=BAh7CUkiD3Nlc3Npb25faWQGOgZFVEkiJTMxMGQ4ZTI5OGVmMTM4MGZjNzRhYjVmNTcyNzk0MDdmBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMU0rQ2Zkd2QxUmphUWNITzlnemc5YUltVEgrNFB4OHpZRFlJb1Y3c2hKdUU9BjsARkkiGmRpc2FibGVfY3VzdG9taXphdGlvbgY7AEZGSSIKZmxhc2gGOwBUewdJIgxkaXNjYXJkBjsAVFsGSSIMcmVmZXJlcgY7AFRJIgxmbGFzaGVzBjsAVHsGSSIMcmVmZXJlcgY7AFQiNmh0dHA6Ly9kZXYuc2VubnNlaXMuY29tL3QvY3JlYXRlLWEtaGVscC10b3BpYy80MzE%3D--b2407c6eb3c578e8f16aa21b6494bda102b292d1
**Form Data** view parsed
raw=another+in+the+string+of+messages&is_warning=false&category=32&archetype=regular&title=and+again+and+again
**Response Headers** view source
Connection:keep-alive
Content-Encoding:gzip
Content-Type:application/json; charset=utf-8
Date:Sat, 18 Oct 2014 00:32:10 GMT
Server:nginx
Status:200 OK
Transfer-Encoding:chunked
X-Content-Type-Options:nosniff
X-Frame-Options:SAMEORIGIN
X-Request-Id:1b94e24c-1026-48d2-a48e-889e69a029b4
X-Runtime:0.102528
X-UA-Compatible:IE=edge
X-XSS-Protection:1; mode=block
And here is the HTTP Post generated by Create Topic that works. If there are any meaningful differences they escape me. Watching the network trace in Chrome after getting the 200 response to this post Discourse does a Get to jump to the post - from the network trace it is not clear where the id of the new post gets returned. I have not looked at the Discourse source yet.
Remote Address:54.68.138.121:80
Request URL:http://dev.sennseis.com/posts
Request Method:POST
Status Code:200 OK
Request Headers view parsed
POST /posts HTTP/1.1
Host: dev.sennseis.com
Connection: keep-alive
Content-Length: 96
Origin: http://dev.sennseis.com
X-CSRF-Token: M+Cfdwd1RjaQcHO9gzg9aImTH+4Px8zYDYIoV7shJuE=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
X-Requested-With: XMLHttpRequest
Referer: http://dev.sennseis.com/c/help-requests
Accept-Encoding: gzip,deflate
Accept-Language: en-US,en;q=0.8
Cookie: guidedTour=hide; SS_MID=6bf6d0c6-ea2f-4ece-8490-9f32a4833225i10u1rhs; ss_cid=da26a397-3728-4bbc-b1e6-edd79c421bc7; _t=f044cfefc86de3779b1f25b44ed79c38; _forum_session=BAh7CUkiD3Nlc3Npb25faWQGOgZFVEkiJTMxMGQ4ZTI5OGVmMTM4MGZjNzRhYjVmNTcyNzk0MDdmBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMU0rQ2Zkd2QxUmphUWNITzlnemc5YUltVEgrNFB4OHpZRFlJb1Y3c2hKdUU9BjsARkkiGmRpc2FibGVfY3VzdG9taXphdGlvbgY7AEZGSSIKZmxhc2gGOwBUewdJIgxkaXNjYXJkBjsAVFsASSIMZmxhc2hlcwY7AFR7BkkiDHJlZmVyZXIGOwBUIjZodHRwOi8vZGV2LnNlbm5zZWlzLmNvbS90L2NyZWF0ZS1hLWhlbHAtdG9waWMvNDMx--80751eab343207978a4495616969ddfee8745ccb; _gat=1; _ga=GA1.2.831699875.1412601719
Form Dataview parsed
raw=this+should+work&is_warning=false&category=32&archetype=regular&title=a+test+of+create+topic
Response Headersview source
Connection:keep-alive
Content-Encoding:gzip
Content-Type:application/json; charset=utf-8
Date:Sat, 18 Oct 2014 00:31:24 GMT
Server:nginx
Status:200 OK
Transfer-Encoding:chunked
X-Content-Type-Options:nosniff
X-Frame-Options:SAMEORIGIN
X-Request-Id:136e3eee-0a07-4077-8a92-cde25a7314cb
X-Runtime:0.090278
X-UA-Compatible:IE=edge
X-XSS-Protection:1; mode=block