HTTP requests (Fetch API)
Version compatibility
This feature was introduced in version 4.6 of the JourneyApps Container.
HTTP on iOS disabled from v4.27
Note: In 2016 Apple announced a security feature for iOS called Application Transport Security (ATS). This feature will eventually enforce HTTPS for all network requests. Although the JourneyApps Container already uses HTTPS for all communications with the JourneyApps Backend, it was still possible for a developer to use the
fetch() function to create insecure HTTP requests.We've activated ATS on our iOS Containers from v4.27, disabling the ability to create HTTP requests.
The Fetch API allows apps to make HTTP Requests to external web services directly from the user's device. This is especially useful for use cases involving "live lookups" on external web services which are required as part of the app workflow. An example would be doing a credit check in the app before allowing the user to continue in issuing a quote for a financial product.
All outgoing requests are subject to Cross Origin Resource Sharing (CORS) restrictions.
Furthermore, there are two important caveats:
- The Promise returned from
fetch()won't reject on an HTTP error status even if the response is an HTTP 404 or 500. Instead, it will resolve normally, and it will only reject on a network failure, or if anything prevented the request from completing. - By default,
fetch()won't send any cookies to the server, resulting in unauthenticated requests if the site relies on maintaining a user session.
Here are examples of how to use the fetch() in an app:
Here is an example of a GET request where the response in displayed in a dialog:
var url = 'https://httpbin.org/get?message=hello%20world';
return fetch(url, {})
.then(function(response) {
// Parse JSON from the body
return response.json()
})
.then(function(jsonData) {
dialog('Your message', jsonData.args.message);
});
Here is an example of a simple POST where the response in displayed in a dialog:
var url = 'https://httpbin.org/post';
var payload = {"message": "Hello world"};
var options = {
method: 'POST',
headers: {
"Content-Type": "application/json",
},
body: JSON.stringify(payload)
};
return fetch(url, options)
.then(function(response) {
// Parse JSON from the body
return response.json()
})
.then(function(jsonData) {
dialog('You sent:', jsonData.data);
});
fetch.Auth provides helper functions for basic and token authorization headers. For example, the basic helper correctly format encodes the username and password into a valid Authorization header:var url = 'https://httpbin.org/get';
var options = {
headers: {
'Authorization': fetch.Auth.basic('user123','password123')
}
}
return fetch(url, options)
.then(function(response) {
return response.text()
})
.then(function(rawBody) {
// httpbin.org/get echos the request details in the response body.
dialog('Your request:', rawBody);
});
As mentioned before, the
fetch promise will be rejected only for network errors. Use .caught (compatibility alias for .catch) or .then(null, handler)return fetch('invalid')
.then(null, function(error) {
// error is a TypeError
dialog('Unable to connect to the internet')
});
The code can check for 2xx HTTP response codes by using
response.ok. It is recommended to do this in every response handler.return fetch('invalid')
.then(function(response) {
if (!response.ok) {
// response.status is 404 or 500 or some failure status
var error = new Error(response.statusText)
error.response = response
throw error;
}
// Status is 2xx (success) - handle it here.
})
.caught(function(err) {
// Do something with the error
dialog('Unable to fulfill the request due to error');
});
Last modified 1yr ago