post request with flask-socketio cannot connect to proxy - python-requests

I've tested my code in an environment(win10) with proxy settings, I didn't have to specify proxy settings and it works with only flask, but then when I start with sockio.run, it throws me the error :
HTTPSConnectionPool(host='notify-api.line.me', port=443): Max retries exceeded with url: /api/notify?message=12345 (Caused by ProxyError('Cannot connect to proxy.', OSError(0, 'Error')))
I have no idea why is this happening, I tried adding http and https proxies into the requests parameter, setting cors_allowed_origins='*', still doesn't work.
Am I missing some headers to make it work? And why does it work without socketio?
import flask
import requests
from flask_socketio import SocketIO, emit
from engineio.async_drivers import gevent
app = flask.Flask(__name__)
app.config["DEBUG"] = True
socketio = SocketIO(app, cors_allowed_origins='*')
#app.route('/', methods=['GET'])
def home():
headers = {
"Authorization": "Bearer " + 'qajyC1fFTqsabb3cTbnk5zCqDjRspZkDQwPPmeNbJCx',
"Content-Type" : "application/x-www-form-urlencoded"
}
payload = {'message': '12345'}
r = requests.post("https://notify-api.line.me/api/notify", headers = headers, params = payload)
return "12345"
socketio.run(app,host='10.110.50.51', port=8080)
Adding proxy to request doesn't work too
http_proxy = "http://10.xx.xxx.xxx:8080"
https_proxy = "https://10.xx.xxx.xxx:8080"
proxyDict = {
"http" : http_proxy,
"https" : https_proxy,
}
headers = {
"Authorization": "Bearer " +
'qajyC1fFTqsabb3cTbnk5zCqDjRspZkDQwPPmeNbJCx',
"Content-Type" : "application/x-www-form-urlencoded"
}
payload = {'message': '12345'}
r = requests.post("https://notify-api.line.me/api/notify", headers= headers, params = payload, proxies=proxyDict)
return "12345"


seems like it's the problem with urllib3 package,
changing the proxy https to http solved my problem
http_proxy = "http://10.xx.xx.xxx:8080"
https_proxy = "http://10.xx.xx.xxx:8080"
The https_proxy goes through http instead of https and establish handshake!!
But I'm still confused why this problem only appears when using socketio running the app

Related

CORS enabled, but adding cookies in header causes request to be blocked? I have enabled CORS with credentials server side, not sure how to solve this

Using express-session so need cookie id for authentication, but even with setting up CORS correctly (or what I thought to be) on front and back end I'm still getting issues. CORS is working without cookies enabled.
Backend config
const corsOptions = {
origin: "*",
methods: "GET,HEAD,PUT,PATCH,POST,DELETE",
preflightContinue: false,
optionsSuccessStatus: 204,
credentials: true,
};
Frontend config (using Relay)
const response = await fetch("http://localhost:4002/graphql", {
method: "POST",
credentials: "include", // Allow cookies to be sent
headers: {
Authorization: `*/*`,
"Content-Type": "application/json",
}
If I do not include credentials the response shows that CORS cookies are allowed:
However, as soon as I enable credentials in the client fetch config, the request is blocked. There is no response, I think Firefox is blocking the req before it is sent?
Thank you in advance for any help!

The issue was not setting the accepted CORS origins to "*", as said in the console (thanks Quentin).

NTLM requests in K6 and .NEТ Core

I wrote load testing of my API with NTLM auth (here I additionally check if NTLM authorized user is presend in Database). During resquest:
var url = 'https://login:*****#localhost:xxxx/api/authorization/logon';
var payload = { };
var params = {
headers: {
'Content-Type': 'application/json'
},
};
let response = http.post(url, params, {auth: "ntlm"});
check(response, {
'status is 200': (r) => r.status === 200
});
}
i have an error:
error="Post "https://user:*****#localhost:xxx/api/authorization/logon": stream error: stream ID 3; HTTP_1_1_REQUIRED".
Why? Kestrel serve HTTP/1.1

This is an issue in the way Go standard library's HTTP client operates, that is described here in detail, in which for HTTPS endpoints, connection is forcibly upgraded to HTTP/2.0, which is not supported by the NTLM protocol.
I'm not sure, but maybe you can disable this connection upgrade in Kestrel.

you can set in your global system environment to enable HTTP1.1

Angular 5 to CherryPy POST

I am trying to send data to a cherrypy backend from an Angular 5 app. I am able to call the correct cherrypy function and get a 200 response, but none of my parameters are getting through.
One thing that caught my eye was that my payload, when I click view source in the chrome debugger looks like this {"username":"admin","password":"admin"}. Is this supposed to be formatted differently?
Here's my post:
getUserDetails(username, password) {
const _headers = new HttpHeaders();
const headers = _headers.append('Content-Type', 'application/json');
const options = {headers: headers };
this.data = JSON.stringify({ username, password });
return this.http.post(this.url1 + 'login', this.data, options )
.subscribe(data => {
console.log(data);
});
}
Again, this gets to the proper endpoint, just none of the data gets through.
Here's cherryPy:
Login Function:
class authServer(object):
#cherrypy.expose
def login(self,*args, **kwargs):
print(type(args),args, kwargs)
I've tried various args, if I have username and password I get the error saying missing parameters.
Here's the cherrypy configuration.
def CORS():
"""Allow AngularJS apps not on the same server to use our API
"""
cherrypy.response.headers["Access-Control-Allow-Origin"] = "*"
cherrypy.response.headers["Access-Control-Allow-Headers"] = \
"content-type, Authorization, X-Requested-With"
cherrypy.response.headers["Access-Control-Allow-Methods"] = 'GET, POST'
if __name__ == '__main__':
cherrypy.tools.CORS = cherrypy.Tool('before_handler', CORS)
cherrypy.log.error_log.propagate = False
cherrypy.log.access_log.propagate = False
cherrypy.config.update({'server.thread_pool': 30,
'tools.CORS.on': True,
'server.socket_host': '0.0.0.0',
'server.socket_port': 8081})
cherrypy.quickstart(authServer(), '/')
I've made countless posts to cherrypy before. The only difference here is the frontend I'm using. Any help would be greatly appreciated.
Thanks,

Turns out it was a CORS issue. I changed my CORS function from this:
def CORS():
cherrypy.response.headers["Access-Control-Allow-Origin"] = "*"
cherrypy.response.headers["Access-Control-Allow-Headers"] = \
"content-type, Authorization, X-Requested-With"
cherrypy.response.headers["Access-Control-Allow-Methods"] = 'GET, POST'
to this:
def CORS():
if cherrypy.request.method == 'OPTIONS':
cherrypy.response.headers['Access-Control-Allow-Methods'] = 'POST'
cherrypy.response.headers['Access-Control-Allow-Headers'] = 'content-type'
cherrypy.response.headers['Access-Control-Allow-Origin'] = '*'
return True
else:
cherrypy.response.headers['Access-Control-Allow-Origin'] = '*'
cherrypy.tools.CORS = cherrypy._cptools.HandlerTool(CORS)
Above my main function I put this:
#cherrypy.expose
#cherrypy.config(**{'tools.CORS.on': True})
#cherrypy.tools.json_in()
#cherrypy.tools.json_out()

Calling Twitter API from Postman works, but from Angular 2 app it doesnt'

I am trying to use Twitter API in my app.
When I run it from Postman, it works great.
However, when I run it from my app, using Google Chrome I get
XMLHttpRequest cannot load
https://api.twitter.com/1.1/search/tweets.json?q=canada. Response to
preflight request doesn't pass access control check: No
'Access-Control-Allow-Origin' header is present on the requested
resource. Origin 'http://localhost:3000' is therefore not allowed
access. The response had HTTP status code 400.
Here is my code for it
...
getTweets(hashtag : string){
var headers = new Headers();
headers.append('Authorization', 'Bearer AAAAAAAAAAAAAAAAAAAAAONruQAAAAAAfxQda4njz64axXN9sw4U0oU%3Dr1niTwKwXoOZXmZczDKgN0wWHWEMPrPcnXXMgVQhiTIzays7J');
var requestOptions = new MyRequest();
requestOptions.headers = headers;
return this.http.get('https://api.twitter.com/1.1/search/tweets.json?q=montreal', requestOptions);
}
}
class MyRequest implements RequestOptionsArgs {
public headers: Headers;
}

The Twitter API doesn't support CORS but JSONP. So you need the leverage the JSONP support of Angular2.
Here is à sample. First specify the corresponding providers when bootstrapping your application:
import {bootstrap} from 'angular2/platform/browser'
import {JSONP_PROVIDERS} from 'angular2/http'
import {AppComponent} from './app.component'
bootstrap(AppComponent, [ JSONP_PROVIDERS ]);
Then inject the Jsonp class (instead of the Http one) and use it to make your request:
export class AppComponent {
constructor(jsonp:Jsonp) {
var url = 'https://api.twitter.com/1.1/search/tweets.json?q=montreal&callback=JSONP_CALLBACK';
var headers = new Headers();
headers.append('Authorization', 'Bearer AAAAAAAA(...)sw4U0oU%');
jsonp.request(url, { method: 'Get', headers: headers })
.subscribe((res) => {
this.result = res.json()
});
See rhis question for more details:
I need to do a http request to a mail chimp subscription list via a component post

Lua http request hangs

I am calling lua http.request with timeout. before i make http request if network is down i will get http status as network unreachable but if network is not available after Http request it just hangs. is there any way to handle this issue.
local isHttps = string.match(type(url) == "table" and url.url or url, "^https:")
local http = isHttps and require("ssl.https") or require("socket.http")
local r,s,h
if isHttps then
http.TIMEOUT = 300
r,s,h = http.request ({
url = url,
method = "GET",
sink = ltn12.sink.table(results),
headers= ["Cache-Control"]
= "no-cache"["X-Token"]=config.token
})

Resources