I am attempting to use the endpoint https://firestore.googleapis.com/v1/{parent=projects/*}/databases with more data needed per the documentation on Google's docs.
The goal is to be able to make this request with a standard http utility such as cURL.
I have attempted performing the request manually through the GUI with the Chrome network tab open, and I saw a request being made: https://firebasedatabase.clients6.google.com/v1beta/projects/XXXXXXXXXX/locations/us-central1/instances?databaseId=my-database&validateOnly=true&alt=json&key=secretkey
Per trial and error on another endpoint, I have found that the key parameter can be replaced with a Bearer Auth token in the header. Other than that I am at a dead end.
Related
I'm getting http requestor connection problem with POST:request a bad request even though I'm configuring properly. I'm sending json payload in the body and Bearer token in headers parameters with content type, I can evaluate the token and payload properly but still getting as a bad request when I tried to hit the direct URL as well, and I tried the trigger in postman with the same token generated in mule where I'm getting the success response but while using the same service within mule getting as bad request, I'm using http connector plugin version 1.7.1 in pom.xml.. Is there any problem with the dependency? can anyone help me with this?
If you are successful doing the request in postman then the HTTP request in your Mule application has to need some adjustments to make it match the postman request. Compare them carefully to make them match.
I was doing a automation testing on my web application with SOAPUI, I have found a bug which is http method fuzzing basically it means "HTTP Method Fuzzing
An HTTP Method Fuzzing Scan attempts to use other HTTP verbs (methods) than those defined in an API. For instance, if you have defined GET and POST, it will send requests using the DELETE and PUT verbs, expecting an appropriate HTTP error response and reporting alerts if it doesn't receive it.
Sometimes, unexpected HTTP verbs can overwrite data on a server or get data that shouldn't be revealed to clients."
Can anyone knows how I can solve this issue or how I block the HTTP request other than GET or POST which may remove this bug.
I am using Node.js and express for my web application.
Please check the images:
Image 1
Image 2
I have proprietary http based API to test from JMeter. Unfortunately some of the endpoints of the API are expecting http DELETE method with a request body (I know its questionable API design to use DELETE with request body, but I have no ability to change that API and need to test it).
How can I test it from JMeter? It seems that standard HttpRequest sampler silently ignores my body payload without any warnings. (When I try it in POSTMAN its sending a request body for DELETE method)
I did find an old JMeter plugin called HTTP Raw Request that somewhat helps but still doesn't auto-calculate "Content-Length:" http header for my body payload...so I have to do it manually for every test case - which is a pain for dynamically generated data payloads.
So my question still remains: How can I test HTTP DELETE with request body from JMeter?
Here is the screenshot:
NOTE1: Starting from jMeter ver. 3.1 (see bugzilla #60358) it was fixed for Http GET request to be able to send body in the request...but DELETE was not added.
NOTE2: See bugzilla #61443 for the DELETE request with body.
NOTE3: I'm using client implementation called "Java".
As per reference docs:
http://jmeter.apache.org/usermanual/component_reference.html#HTTP_Request
There are 2 implementations for http request sampler. The non default one called "Java" has this issue with not passing DELETE request body.
Luckily the default implementation called "HttpClient4" that correctly passes request payload for DELETE operation as per JMeter data entry screen.
To change implementations for http request sampler you have to go to "advanced" tab of the HTTP Request Sampler and select client implementation "HttpClient4" instead of "Java". Here is the screenshot:
After that when executed it correctly sends request payload for DELETE operation. Here is the screenshot:
I'm trying to retrieve 3 response headers (Rails Devise Auth Headers: uid, client, access-token) in every request to a Rails Server.
Using Postman (http client) it's working.
With OkHttp (java http client) the headers just don't show up in the client (i've checked using Wireshark).
When i'm in debug mode it just work...
The additional headers with postman are due to postman sending an Origin header and the server is replying with CORS headers, i.e. Access-Control-.... These headers are send within the normal HTTP header, i.e. not after the response.
But these access control headers are only relevant when the access is done from a browser because they control the cross origin behavior of XHR. Since you are not inside a browser they should be irrelevant for what you are doing. What is relevant are the body of the response and some of the other headers and here you'll find no differences. Also irrelevant should be if multiple requests are send within the same TCP connection (HTTP keep-alive done by postman) or with multiple connections (OkHttp) because each request is independent from the other and using the same TCP connection is only a performance optimization.
If you really want to get these special headers you should add an Origin header within you OkHttp request. See the OkHttp examples on how to add your own headers. But like I said: these access control headers should be irrelevant for the real task and there should be no need to get to these headers.
There is a property "config.batch_request_buffer_throttle" in the file "config/initializers/devise_token_auth.rb" of the Rails Project. We changed it from 5 seconds to 0 seconds.
It is a property to keep the current token available for that amount of time to the following requests.
As the original documentation: "Sometimes it's necessary to make several requests to the API at the same time. In this case, each request in the batch will need to share the same auth token. This setting determines how far apart the requests can be while still using the same auth token."
So when we did the request using Postman or in Java Debug the 5 seconds was running allowing Devise to generate new tokens then retrieve them to the client.
The flow is SAP NWAS 7/Java AS ---> Apigee On Premise--->Apigee OnCloud -----> Backend. and back.
Backend is posting a response of appx 17 MB back. I have streaming enabled both on cloud and on premise Apigee. But the sap NWAS client states that only partial response is received .
When we invoke from POSTMAN however, we are getting complete response.
Please suggest where the problem can be?
Since Postman works fine for you, it seems like it might be a problem on the client side. So, it's possible that the client requires more info on the response in order to be able to display the content e.g. Content-Type header. Another way to troubleshoot this issue is to send a cURL command to the resource in Apigee and store it in the filesystem to validate that not only Postman can parse the response. e.g.
curl http://yourresourcehere/images/12344 > img12344.png