CORS can be a pain in the ass to test for your backend service. This because you have to emulate a cross domain request from a browser and sometimes you just want to quickly confirm your CORS configuration or code is working. Can this be done using PowerShell, so you don’t have to fire up a test site to do that request, or use special tooling like Postman or whatever?
Well yes! Using the statement below you can see all the headers that are returned from the request to the test URL on your API. If CORS is correctly configured, you will see the Access-Control-Allow-Origin header in that list. It contains the allowed origin site domain or the asterisk to indicate any domain is allowed. If not, something is still wrong.
The trick is passing in the Origin header when you make the request. Without it, you won’t get any CORS headers back in most cases. I tested this using an ASP.NET Core backend by the way, but most backend systems should behave in the same way, as this is how browsers do it.
This is searchable on the internet, but a little write-up might be useful if you are running into the same problem. Recently we upgraded some .NET Core applications running in a Docker container to .NET Core 3.1. A funny thing happened when we tested those apps, which is they simply stopped working and didn’t throw any errors to make us wiser on what the issue was.
That funny thing wasn’t so funny to be frank.
When figuring out what was going on we noticed that the app seemed to be hanging on creating a database connection. No exception was thrown, we didn’t get a timeout, it just got stuck on opening the connection.
After searching around a bit we ran into a number of GitHub issues related to this on .NET Core repos, where this one (https://github.com/dotnet/SqlClient/issues/201) sums it all up.
It turns out that the Docker image used for 3.1 is a Debian based image. On this image the OpenSSL TLS restrictions have been increased only allowing TLS 1.2 connections with a strong cipher, compared to the image used to build a 2.1 app. If your SQL server does not meet all of these requirements the .NET Core 3.x app will hang on trying to set up the database connection.
Great, but how do you fix this? Well there are 2 workarounds you can apply.
#1 Use the Ubuntu image instead of the Debian one.
By default, the Debian image is used if you let Visual Studio generate the Dockerfile. If you change this to one of the Ubuntu images, you are fine.
So instead of this in your Dockerfile:
FROM mcr.microsoft.com/dotnet/core/runtime:3.1-buster-slim AS base
You can use this:
FROM mcr.microsoft.com/dotnet/core/runtime:3.1-bionic AS base
If you don’t like using the Ubuntu image for some reason, you can still go for door number 2.
#2 Update the OpenSSL configuration
That OpenSSL configuration is stored in /etc/ssl/openssl.cnf. The lines that are the culprit are the MinProtocol setting and the CipherString. Depending on what your issue is (TSL 1.2 not available, or your cipher strength) you can change one, or both of these lines. The Debian config currently looks like:
Depending on what you need, you can lower the SECLEVEL to allow not-so-good ciphers, or lower the minimum protocol level if you can’t use TLS 1.2. That would look like this if you’d have to change both lines:
In your Dockerfile you can do this with the following statements:
RUN sed -i 's/MinProtocol = TLSv1.2/MinProtocol = TLSv1/' /etc/ssl/openssl.cnf
RUN sed -i 's/CipherString = DEFAULT@SECLEVEL=2/CipherString = DEFAULT@SECLEVEL=1/' /etc/ssl/openssl.cnf
The best idea is to get the SQL guys to upgrade security on the SQL server itself and make sure the default works. But in corporate environments this is something that can take a while and you probably need to get that app running yesterday, so…
Vim has tons of awesome shortcuts and features you pick up over time. Some of those I don’t use every day so I have to write them down so I can look them back up when I can’t remember exactly how it works. Instead of keeping them locked away in a text file, I’ll throw them online here and spread the Vim love. None of these need any special plugins. They should all work right out of the box with plain old Vim.
If you want to know more about a specific command listed here, use the Vim :help command to find out more. There are usually more options and possibilities for each of these commands and the Vim documentation is excellent.
Here we go!
When you are on the command line using a console application and you want to edit the output in Vim right away, or open that long list of possible command line switches in Vim for reference, this one will come in handy. I’m using GVim here because since that opens in a separate window from your shell, this is the most useful.
This one is for opening a ton of files in a single Vim instance from Powershell, in different tabs. This means you are running this from a Powershell console of course.
gvim -p (ls *.ps1)
For more Vim command line options run this in your favorite shell environment:
vim -h
gvim -h
How about opening a remote file, or fetch HTML from a page over HTTP using Vim:
:e https://n3wjack.net/
When you work with log files a lot, being able to delete lines containing or not containing a specific word can be just what you need. These two commands are perfect to filter out obsolete exceptions and figure out what is causing that nasty production issue:
:g/DeleteAll/d
:v/DeleteAllButThis/d
Did you know that Vim has a spell checker? I didn’t know that at the beginning (try :h spell for more details). To activate/deactivate:
:set (no)spell
To jump to the next / previous misspelled word:
]s
[s
To get a list of spelling suggestions (or use the mouse in GVim, which is quite practical):
z=
You can add a simple XML-tidy shortcut to your .vimrc file by adding the following command. What it does is setting the file type to XML, removes spaces between opening & closing brackets, add a return character in-between the opening & closing brackets and finally formats the document so it looks all nice and indented.
You can force syntax highlighting in Vim as follows for e.g. HTML, XML and Markdown. Of course this works for a ton of other file types as well, as long as you can figure out what the extension/file type key is. But that’s pretty easy in most cases.
:set syntax=html
:set syntax=xml
:set syntax=md
I add shortcuts for any files I frequently edit by using the leader key and a letter combination that’s easy to remember. For example this one to edit my custom .vimrc file when I press the leader key followed by “e” and “v” (edit vimrc).
That’s about it. For more nice Vim tips check out more Vim posts. Another good resource for bite sized Vim tips is the MasteringVim on twitter and it’s newsletter.
Kibana is a great dash-boarding tool to easily query an Elasticsearch store on the fly without having to know exactly how to write an Elasticsearch query. For example if you’re using Logstash to dump all your logfiles into an Elasticsearch DB and use Kibana to nail down that specific weird exception you’re seeing.
Kibana is great to show some graphs and give a pretty good overview, but what if you want that query data and do some processing on that? You can’t really export it from the dashboard, but for each of those table or graph panels on your dashboard you can click the “Inspect” button and see what Elasticsearch query is used to get the data for the panel.
This is a curl statement and contains all you need to run the same query using PowerShell. The easiest thing to do is to copy the whole JSON statement into a text file and strip out the curl bit and the URL. You keep the URL handy because that’s the URL you’ll need to target in the Invoke-Restmethod call.
If you refactor it into something like the statements below and save it as a .ps1 file you can run it from the command-line and get the results back as PowerShell objects parsed from the JSON result. Yes. PowerShell is that cool. ;)
The Invoke-WebRequest PowerShell commandlet is great if you want to get and work with some web page’s output without installing any extra tools like wget.exe for example. If you’re planning to do some text parsing on a web page anyway, PowerShell is an excellent option, so why not go full PS mode?
Unfortunately the command has some drawbacks causing it to be a lot slower than it should be if you just want plain text and it’s response parsing can even cause it to lock up and not return a result at all.
So here’s some pro-tips for parsing the output using PowerShell fast and effectively:
1. Use basic parsing
The commandlet does some DOM parsing by default using Internet Explorer. This takes time and sometimes fails too, so if you want to skip this bit and make things faster, simply add the command-line switch UseBasicParsing:
Parsing text in PS is easy, but it’s even easier if the result is formatted like a text file with multiple lines instead of the full HTML in a single string. If you get the Content property from your webpage, you can split it up into separate lines by splitting on the newline character:
This can be really handy if you want to automatically check if the right response headers are set.
But you can also use the Headers collection on the result object, which is even easier.
3. Disable download progress meter shizzle to download large files (or always to speed things up)
That download progress bar is a nice visual and all when you’re using Invoke-WebRequest to download some large binaries and want to see it’s progress, but it significantly slows things down too. Set the $progressPreference variable and you’ll see your scripts download those files a lot faster.
The larger the files (like big as log files, images, video’s etc) the more this matters I’ve noticed.
Be sure to reactivate this setting afterwards, because this affects any commandlet using that progress-bar feature.
4. No redirects please.
Invoke-WebRequest automatically follows an HTTP redirect (301/302) so you end up with the page you where looking for in the most cases.
If you want to test if a URL is properly redirected (or not redirected) this just makes things harder. In that case you can turn off redirects by using the MaximumRedirection parameter and setting it to 0
When you get a URL that returns a 301 when doing this, the command will throw an exception saying the maximum redirection counts has been exceeded. This makes this case easier to test.
The result object will also contain the redirect StatusCode.
It’s overkill in some cases, but in others this is pure win. The result object contains some really handy bits of the webpage, making a lot of tricky text and regex parsing obsolete.
It’s a piece of cake to parse all images linked from a page using the Image collection. Want to parse all outgoing links on a page? Use the Links collection. There’s also a StatusCode, a Headers collection a Forms and Inputfield collection for form parsing and more.
Check out what’s available using Get-Members:
Yep. Sometimes Invoke-WebRequest simply doesn’t cut it. I’ve seen it hang on some complex pages trying to parse it and failing miserably.
In that case you get fetch the page using the GNU WGet tool, download the page as a text file and then parse that.
You have to call wget by adding the exe extension part otherwise you’ll be triggering the PowerShell alias for Invoke-WebRequest again.
# Install WGet with Chocolatey
choco install wget
# Get the page and save it as a text file
wget.exe https://n3wjack.net -O nj.html
# Read the file and parse it.
get-content nj.html | % { # parsing code goes here }
A powerful pattern in software engineering is where you pass in a function or an object to another, which executes this given one dynamically. This allows you to extend behavior of code without having to edit that code. It’s known as the Strategy Pattern and allows for nice, clean and decoupled code.
In PowerShell you can do this by passing a function as an argument to another function. When I tried to do this, I found out this wasn’t as trivial as I thought it would be, so here’s the nitty gritty on to work that magical extend-ability pattern.
Basically you want to do something like passing in a function which processes a single item in a loop controlled by another piece of code. Something like:
function Print-Number($number)
{
echo "Number is $number"
}
function Do-Loop($function)
{
$numbers = 1..10
foreach ($number in $numbers)
{
# Here we should call $function and pass in $number
}
}
# Call Do-Loop with the PrintNumber function as a parameter here.
I ran into 2 problems here.
How do I pass in a function as a reference to another one?
How do I call one of those function blocks from the function that receives it?
First things first. The syntax for passing in a function inline looks like this:
Do-Loop ${function:Print-Number}
Note the function: prefix there. It’s the magic bit. This accesses the function object’s script block without executing it.
You can also list all functions available in your PowerShell session like this:
ls function:
If you want to pass in a script block like an anonymous lamba C# style, without defining a function first, you can do this:
Do-Loop { param($content) write-host $content }
Want to reuse that function a few times and store it in a variable? No problemo, just do this:
That pretty much covers all the options for problem number 1.
So now on the second problem: calling that passed in function or script block inside our host function.
Let’s say we want to call that function from a loop. To call the function you need to use the Invoke-Command commandlet and pass in the argument using the ArgumentList parameter like this:
foreach ($number in $numbers)
{
Invoke-Command $function -ArgumentList $number
}
Pretty simple right?
The argument list expects an array as it’s value. So if you want to pass in 2 parameters like a number and a message text that would look something like this:
Putting it all together, here’s the working sample code:
function Print-Number($number)
{
echo "Number is $number"
}
function Do-Loop($function)
{
$numbers = 1..3
foreach ($number in $numbers)
{
Invoke-Command $function -ArgumentList $number
}
}
Do-Loop ${function:\Print-Number}
Because of this array-as-a-parameter thing however I did run into a little snag for my actual code.
What if the first and only parameter is an array in itself? How do make it clear to the Invoke-Command commandlet that the array is a single parameter, not a list of parameters to pass into the function?
In my case I was passing in the content of a text file which is an array of strings. My first argument ended up being the first string of that array, and I was lacking the rest of the file’s lines.
Again, there’s a little trick to that which I found on Stack Overflow. The syntax to pass in an array as a parameter is:
Invoke-Command $function -ArgumentList (,data)
The last bit seems to work by creating an array (that comma) where the first element is nothing and the second is our array.
Apparently the first element is then skipped and our second is passed in as the required array parameter.
A silly example to demonstrate this:
A powerful pattern in software engineering is where you pass in a function or an object to another, which executes this given one dynamically. This allows you to extend behavior of code without having to edit that code. It’s known as the Strategy Pattern and allows for nice, clean and decoupled code.