I'm trying to implement forum search into our macOS app. We need to call the search endpoint from either Javascript running locally in Electron (so there's no user signed in) or via C#.
Both methods complain that there's no XSRF token which I can understand since we're just making that single request.
System.Exception: Error decoding JSON from endpoint https://forum.soundflow.org/-/v0/search: 403 Forbidden
No xsrf token [TyE0XSRFTKN]
How can we go about making this work?
KajMagnus @KajMagnus2021-08-19 13:04:55.783ZTemp workaround: You can go to
forum.soundflow.orgin a browser, open Dev Tools, go to the Application tab, and copy theXSRF-TOKENcookie value. Then, include it in the request to/-/v0/search:Won't work, currently — no XSRF token:
$ curl -H 'Content-Type: application/json' -X POST 'https://www.talkyard.io/-/v0/search' -d '{ "searchQuery": { "freetext": "xsrf" }, "pretty": true }' 403 Forbidden No xsrf token [TyE0XSRFTKN]But this works: (with an XSRF token for Ty .io from my browser (which I've since deleted))
$ curl -H 'X-XSRF-TOKEN: 16293.......ZkG' -H 'Content-Type: application/json' -X POST 'https://www.talkyard.io/-/v0/search' -d '{ "searchQuery": { "freetext": "xsrf" }, "pretty": true }' ## the response: { "origin" : "https://www.talkyard.io", "thingsFound" : [ { "pageId" : "594", "title" : "Getting \"No xsrf token\" error when trying to contact search endpoint", "urlPath" : "/-594/getting-no-xsrf-token-error-when-trying-to-contact-search-endpoint", ...
Since there's no session cookie in these API requests, the XSRF check Talkyard does, seems unnecessary. Maybe the XSRF check could be skipped in these cases
- In reply tochrscheuer⬆:KajMagnus @KajMagnus2021-08-20 05:37:36.004Z
I'll make a change so Talkyard won't require any XSRF token, when there's no session. This'll be included in the upcoming release ... on Sunday? or Monday?
We need to call the search endpoint
(I suppose this is for searching among the publicly visible topics. Since there're no credentials in these requests, access restricted topics wouldn't be found.)
- CChristian Scheuer @chrscheuer
Yes exactly. Just public topics are expected to be returned :)
Perfect that you can get this in the next release - really appreciate it!
- CChristian Scheuer @chrscheuer
Hi @KajMagnus - please lmk when this is live :)
KajMagnus @KajMagnus2021-08-23 14:26:57.348ZYes, just upgraded this server Ty .io, probably Prod tomorrow.
- KajMagnus @KajMagnus2021-08-23 14:31:14.049Z
B.t.w., now this works, here: (no
X-XSRF-TOKENheader needed)curl -X POST -H 'Content-Type: application/json' https://www.talkyard.io/-/v0/search -d '{ "searchQuery": { "freetext": "lmk" }, "pretty": true }'- CChristian Scheuer @chrscheuer
Confirmed working here (on ty.io)! Great work, can't wait for it to be in prod.
- KajMagnus @KajMagnus2021-08-25 06:41:56.028Z
Server upgraded, now this works:
curl https://forum.soundflow.org/-/v0/search -X POST -H 'Content-Type: application/json' -d '{ "searchQuery": { "freetext": "IFTTT" }, "pretty": true }'- CChristian Scheuer @chrscheuer
Awesome! It works great :)
I don't remember - is there a way to limit the search to a specific category or set of categories?
- KajMagnus @KajMagnus2021-08-26 04:31:25.780Z
Yes (sorry I forgot to get back about that), by including
category:category-slugin the search query, e.g. search for:"trees categories:ideas". In cURL:curl -X POST -H 'Content-Type: application/json' https://www.talkyard.io/-/v0/search -d '{ "searchQuery": { "freetext": "lmk categories:issues" }, "pretty": true }'Search in many categories: Add more slugs, comma separated, no space between, e.g.:
category:issues,support- KajMagnus @KajMagnus2021-08-26 05:02:47.681Z
@chrscheuer: Maybe a problem: Currently, to search in all SoundFlow packages sub categories in Soundflow, you'd need to list each one of the sub categories, in the
category:...list. But then the search query would get too long, and rejected.You have in mind to search in all sub categories? (Or only some base categories?)
(Anyway, this'll be a problem eventually for someone, so should get fixed)
- CChristian Scheuer @chrscheuer
This won't be a problem, I think :) We would either want to search in a specific category or across the whole site.
- CChristian Scheuer @chrscheuer
Specifically, we'd by default want to search in "How to" for our in-app search. By doing this we'll automatically exclude the "Support" category for example as that brings too much noise.
For package specific things it could then additionally (or exclusively) search in the category for that specific package. So yea, at most we'd search in 2-3 categories at once in total, but most of the time either 1 or all.
- In reply toKajMagnus⬆:CChristian Scheuer @chrscheuer
Oops just replied in the other thread. Wasn't aware you could do this with searching in categories. Awesome!
- CIn reply tochrscheuer⬆:Christian Scheuer @chrscheuer
We've got forum search working in our app now. Sooo nice!
- Progresswith handling this problem