I am trying to POST with URL encoded data. Based on the web server logs, I am not actually sending any data from Twilio (request size is always 131 bytes, no matter what I type in the Studio widget box).
What does a working form body look like? Do I need to encode it myself? How do I escape an "=" that is not part of the key-value structure?
When making an HTTP request with the widget, when it is set to make Form URL encoded requests you can set the HTTP parameter keys and values which will automatically encode the values. There are known as URL parameter as the encoding is Form URL encoding. The parameters are encoded as if they were in a URL, but they are sent as the POST body.
Related
I am looking for a way to send a post request to a specific URI from PowerApps.
Basically I have a small audio file (webm) captured from the microphone and it's encoded using Base64. Now I have to send it to a server via post request and the encoded data should be put in the body of the request, since it is too big (for Nginx) to be put in the URL itself (?data=).
Can I achieve it in PowerApps?
Binary to encoded text (in PowerApps):
Set(BinaryAudioData_2, Substitute(JSON(Mic2.Audio,JSONFormat.IncludeBinaryData),"""",""));
Set(AudioFile, Mic2.Audio); Collect(Collection3, AudioFile);
You can trigger a Power Automate Flow from PowerApps, then Flow can target the specific URI. Read more
I am new to HTTP requests (GET, POST, PUT, ETC.) and I am having some issues understanding the "anatomy" of these procedures.
What exactly is the difference between the body and the data? Are they the same thing? Or are headers the same thing as the param? When authentication takes place, are the username and password params or headers or does it vary from API to API? Any help is greatly appreciated. Are there any tutorials or reads you recommend to better understand how to deal with HTTP requests?
Thank you!
Based on This article and some points of others, you could find out about differences between HTTP header & HTTP parameter ,and and also Body:
Header:
meta data about the request
HTTP Headers are NOT part of the URL
if it's information about the request or about the client, then the header is appropriate
headers are hidden to end-users
globally data
restrict Dos-attack by detecting authorisation on it's header, because a header can be accessed before the body is downloaded
Param:
the query params are within the URL
like this "tag=networking&order=newest"
if it's the content of the request itself, then it's a parameter
The product id and requested image size are examples of "some detail" (or parameter) being supplied as part of the content of a request
parameters can be seen by end-users (query parameters) on URL
Body:
data of business logic
important information
unlike body, proxy servers are allowed to modify headers
data in specefic kinds of requests
you can pass token by body as encoding & decoding in servers
For a full and correct understanding of these questions, RFC2616 recommend by Remy Lebeau is worth reading.
What exactly is the difference between the body and the data?
If you are reading some blog, the body (HTTP body) is be used to transfer data (probably in JSON format). The body carries data, in another way, you get data from body.
Are they the same thing?
So they are not same at all.
Or are headers the same thing as the param?
Header (HTTP header) is related to body, they are part of the HTTP message.
As param, it's usually refer to http request param, which usually looks like the following part of the question mark
url?paramName=paramValue¶mTwo=Value2
When authentication takes place, are the username and password params
or headers or does it vary from API to API?
They vary for different API's, normally not in param, probably in body of a post request.
Again, start from the RFC2616 would be a good choice.
data is not a HTTP specific term. data can be anything.
a 'parameter' is also not a HTTP specific term. Many web frameworks might consider parameters everything behind the ? in a url, but this is not an absolute truth.
usernames and passwords sometimes appear in the request body, sometimes in headers. In web applications they typically are in the request body, but certain types of authentication systems place them in the Authorization header.
I understand with GET request they need to be entered into a URL and therefore need to be URL (percent) encoded so that they don't mean anything in the context of a server interpreting the URL.
But if data is in the body of a request rather than the URL then why does it need to be URL encoded?
Example:
I'm developing a web page with a form which returns a PDF document based on the form data. Currently I use the HTTP response fields
Content-Type: application/pdf
Content-Disposition: attachment; filename="foo.pdf"
However, since the field Content-Disposition is non-standard and doesn't work in all browsers I'm looking for a different approach. Do I have to save the PDF document on the server? What is the modus operandi?
Edit: By "doesn't work in all browsers" I mean that with some browsers the filename is not set to foo.pdf. Dillo, for instance, just sets the default filename (in the download dialog) to the basename of the URL path (plus query string).
Do I have to save the PDF document on the server?
No. As far as the HTTP client is concerned it, the inner workings of the server are completely opaque to it. All it sees is a TCP stream of bytes from the server and how exactly that stream is produced doesn't matter as long as it matches the specified Content-Type.
Just send the PDF right after the HTTP headers and you're done with.
Update due to comment
So if you're wondering how to supply a filename without using a header field: Just augment the URL with it. I.e. something like
http://${DOMAIN}/${PDF_GENERATOR}/${DESIRED_FILENAME}
In the HTTP server add a rewrite rule to simply omit the filename part and redirect to just
http://${DOMAIN}/${PDF_GENERATOR}
The HTTP client does not see that, all it see is some URL ending with a "filename", that it can present the user as a default for saving.
I want to encode a URL such that it sends a POST request to a server. is that possible? and if so, how? I have searched around and mostly found that appending parameters to a url only sends them as parameters for GET request. is there a way to do that for POST request?
basically, i am trying to implement a CSRF (not for malicious but testing purposes) and i want to be able to send a POST request to a server by encoding my url.
GET and POST are HTTP methods. In GET the request parameters are taken as query string in the request URL. In POST the request parameters are taken as query string in the request body.
So you need to instruct whatever tool you're using to pass the parameters through the request body instead of the request URL along with a HTTP method of POST instead of (usually the default) GET.
Either way, the parameters just needs to be URL encoded anyway. There's no difference for POST or GET, unless you're setting the content encoding to multipart/form-data instead of (usually the default) application/x-www-form-urlencoded.
If you give more details about what programming language and/or library and/or framework you're using, then we may be able to give a more detailed answer how to invoke a HTTP POST request.
No.
The method is not part of the Url. You'd have to make the request in such a way that it uses the post method.
You didn't mention any details, but if it's from inside a document in the browser, you can either use a form:
<FORM action="someUrl.htm" method="post">
You can make a link that will send the form by javascript:
<form action="http://www.example.com/?param=value" method="post" id="someForm">
link
</form>
or an XmlHttpRequest with javascript:
var xhr = new XMLHttpRequest();
xhr.open("POST", url);
...