I am trying to call an API on a 3rd party application (Qlik Catalog).
They provide a Swagger page where I have tested the call, and it provides a curl:
curl
-X PUT "http://xxxxnnnnnn.xxxxxxx.xxxx.xxx:nnnn/qdc/entity/v1/loadDataForEntities/true"
-H "accept: */*"
-H "Content-Type: application/json"
-H "X-XSRF-TOKEN: xnxnxnxn-xxxx-xxxx-xxxx-xxxx"
-d "[{\"entityId\":\"1234\",\"loadType\":\"OVERWRITE\",\"loadTime\":\"123456789012\"}]"
I am implementing this via Python but getting:
Request method 'PUT' not supported
Any ideas what the problem might be ??
Thanks
Code below (with lots of debug printing!):
url_stem = 'http://xxxxnnnnnn.xxxxxxx.xxxx.xxx:nnnn/qdc/entity/v1/loadDataForEntities/true'
payload = [{"entityId":"1234","loadType":"OVERWRITE","loadTime":"123456789012"}]
headers = {'accept': '*/*','Content-type': 'application/json','X-XSRF-TOKEN':'xnxnxnxn-xxxx-xxxx-xxxx-xxxx'}
print('-------------------------')
print('[Sending]..')
print(' url: %s' % (url_stem))
print(' payload: %s' % (payload))
print(' headers: %s' % (session.headers))
print(' cookies: %s' % (session.cookies))
response = session.put(url_stem, json=payload, headers=headers)
print('-------------------------')
print(' Reponse.....')
print(' [Status]:%s' % response)
print(' [response json]: %s' % response.json())
print(' [rsp:Headers]:%s' % response.headers)
print('-------------------------')
And the CMD output:
[Sending]..
url: http://xxxxnnnnnn.xxxxxxx.xxxx.xxx:nnnn/qdc/entity/v1/loadDataForEntities/true
payload: [{'entityId': '1234', 'loadType': 'OVERWRITE', 'loadTime': '123456789012'}]
headers: {
'accept': '*/*',
'Content-type': 'application/json',
'X-XSRF-TOKEN': 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx'
}
sess cooks: <RequestsCookieJar[
<Cookie JSESSIONID=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx for xxxxnnnnnn.xxxxxxx.xxxx.xxx/qdc>,
<Cookie XSRF-TOKEN=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx for xxxxnnnnnn.xxxxxxx.xxxx.xxx/qdc>
]>
-------------------------
Reponse.....
[Status]:<Response [405]>
[response json]: {
'code': 'DYNAMIC_ERROR',
'fullCode': 'pgui.error.code.DYNAMIC_ERROR',
'message':"pgui.error.code.DYNAMIC_ERROR - Request method 'PUT' not supported",
'localizedMessage': "pgui.error.code.DYNAMIC_ERROR - Request method 'PUT' not supported"
}
[rsp:Headers]:{
'X-Content-Type-Options': 'nosniff',
'X-XSS-Protection': '1;
mode=block',
'Cache-Control': 'no-cache, no-store, max-age=0, must-revalidate',
'Pragma': 'no-cache',
'Expires': '0',
'Content-Security-Policy': "script-src 'self' 'unsafe-inline' 'unsafe-eval'; block-all-mixed-content",
'Referrer-Policy': 'same-origin',
'Permissions-Policy': 'geolocation=(),camera=()',
'vary': 'accept-encoding',
'Content-Encoding': 'gzip',
'Content-Type': 'application/json',
'Transfer-Encoding': 'chunked',
'Date': 'Tue, 24 Aug 2021 13:45:19 GMT',
'Keep-Alive': 'timeout=20',
'Connection': 'keep-alive'
}
Related
Trying to workout why chrome is still firing prefetch request even though the Access-Control-Max-Age has been specified when combined with the Authorization header. If I remove the Authorization header preflight caching works as expected.
Request headers
:method: OPTIONS
:path: /v1/api
:scheme: https
accept: */*
accept-encoding: gzip, deflate, br
accept-language: en-GB,en-US;q=0.9,en;q=0.8,pt-BR;q=0.7,pt;q=0.6,fr;q=0.5
access-control-request-headers: authorization,content-type
access-control-request-method: POST
origin: https://null.jsbin.com
referer: https://null.jsbin.com/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
Response headers
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
access-control-max-age: 86400
content-length: 0
content-type: application/json
date: Wed, 04 Aug 2021 08:30:50 GMT
I'm slowly grinding through this doc https://fetch.spec.whatwg.org/#http-cors-protocol but can't see any reason why Authorization should block preflight caching.
Also, as an aside. If Authorization is incompatible with Access-Control-Max-Age is it such a bad idea to include the auth token in the body rather than as a header from a security point of view? You may assume, over TLS.
Server code: https://glitch.com/edit/#!/prairie-bright-earl?path=server.js%3A22%3A0
Client code: https://jsbin.com/dejetem/16/edit?js,console
For reasons that are not totally clear to me, specifying Access-Control-Allow-Headers: Authorization, * "fixes" things and the Access-Control-Max-Age: 10 is respected. The authorization header is an edge case which must be explicitly safe listed by the server
[0][1][2]
const buildHeaders = origin => {
return {
"Access-Control-Allow-Methods": "*",
// the key line 👇
"Access-Control-Allow-Headers": "Authorization, *",
"Access-Control-Allow-Origin": "*",
"Access-Control-Max-Age": "10"
};
};
fastify.options("/", function(request, reply) {
reply
.code(200)
.headers(buildHeaders(request.headers.origin))
.send();
});
fastify.post("/", function(request, reply) {
reply
.code(200)
.headers(buildHeaders(request.headers.origin))
.header("Content-Type", "application/json; charset=utf-8")
.send({ hello: "world" });
});
const url = 'https://dynamic-past-deltadromeus.glitch.me/'
const opts = {
headers: {
'Content-Type': 'application/json',
'Authorization': 'asdf'
},
method: 'POST',
body: JSON.stringify({ message: 'ping' }),
}
fetch(url,opts)
Source code:
Server source code https://glitch.com/edit/#!/dynamic-past-deltadromeus?path=server.js%3A8%3A0
I had this proxy:
router.post('/proxy/foo', function (req, res, next) {
const proxy = http.request({
method: 'POST',
port: 4000,
hostname: 'localhost',
path: `/files/foo`,
headers: {
'Content-Type':'multipart/form-data'
}
},
function (resp) {
resp.pipe(res).once('error', next);
});
req.pipe(proxy).once('error', next);
});
I was sending a POST request to this proxy handler using, the following headers:
{ 'content-type': 'multipart/form-data; boundary=--------------------------842381361531134328792158',
'cache-control': 'no-cache',
'postman-token': '1a5daa0b-2643-45bc-accc-3f7f3ced948d',
'user-agent': 'PostmanRuntime/7.1.1',
accept: '*/*',
host: 'localhost:3040',
cookie: 'cdt_app_token=foobar',
'accept-encoding': 'gzip, deflate',
'content-length': '176',
connection: 'keep-alive' }
Given that, I was getting this error:
Error: content-type missing boundary
So I changed it so that it the proxy request used the same headers as the original request, which makes sense:
const proxy = http.request({
method: 'POST',
port: 4000,
hostname: 'localhost',
path: `/files/foo`,
headers: Object.assign({}, req.headers) // <<<<<<<<<
},
function (resp) {
resp.pipe(res).once('error', next);
});
Now it works, because of this header in particular:
'content-type': 'multipart/form-data; boundary=--------------------------842381361531134328792158'
So what is that boundary thing?
This Meteor server code uses atmosphere HTTP package. I receive human un readable characters from response.content even though characters are readable fine in the browser.
Why and how to fix that? Thanks
const response = HTTP.call(method, url, {
timeout: 30000,
headers: header,
params: Params,
followRedirects: true
}
);
console.log(response.content);
response header has:
'content-type': 'text/html'
'content-encoding': 'gzip'
request header has:
"Accept-Encoding": "gzip, deflate",
"Accept-Language": "en-US,en;q=0.5",
"Content-Type": "application/x-www-form-urlencoded"
I have a meteor method which uses HTTP.get to make a request to an API. From what I understood from the docs I can provide options with a headers object to set various things like Content-Type. I've tried this with the following code:
var r = HTTP.call("GET", apiUrl, { headers: { "Content-Type": "application/json" } });
console.log(r);
But this doesn't seem to work, the content type is till "text", see output below:
I20160302-13:50:22.706(0)? headers:
I20160302-13:50:22.706(0)? { 'access-control-allow-headers': 'Content-Type, api_key, Authorization',
I20160302-13:50:22.707(0)? 'access-control-allow-methods': 'GET',
I20160302-13:50:22.707(0)? 'access-control-allow-origin': '*',
I20160302-13:50:22.707(0)? 'content-type': 'text/plain; charset=utf-8',
I20160302-13:50:22.707(0)? date: 'Wed, 02 Mar 2016 13:50:20 GMT',
I20160302-13:50:22.707(0)? server: 'nginx/1.6.2',
I20160302-13:50:22.707(0)? 'content-length': '267',
I20160302-13:50:22.707(0)? connection: 'keep-alive' },
I've tried switching this about using "content-type" and "Content-Type". I've also tried using the shortened HTTP.get function
using the WiFlyHQ library i try to send an POST request, it seems like the request header get cropped, if i inspect the request on the server i can see the following:
headers: { host: 'localhost:3000', 'content-type': 'application' },
with this setup;
void SendJasonPacket()
{
wifly.open(Server, ServerPort);
wifly.println("POST / HTTP/1.1");
wifly.println("Host: localhost:3000");
wifly.println("Content-type: application/json");
wifly.println("Accept: application/json");
wifly.println("Content-Length: 93");
wifly.println("User-Agent: easyNAM/0.0.1");
wifly.println("{'checkin':{'device_token': '122','card_token': '12312', 'timestamp': '2012-10-29T14:31:03'}}");
wifly.close();
}
i tried a couple of different headers, that's what i got:
headers: { 'user-agent': 'easyNAM/0.0.1', accept: 'application/j' },
headers: { accept: 'application/json', 'user-agent': 'easyNAM/0' },
headers: { host: 'localhost:3000', 'content-type': 'application' },
it seems, that it get cropped after a specific character count, not sure what i did wrong here....
I believe memory is the issue, i ran into the same issue. I am using VS 2012 to build my app and when it reaches 60% it tends to act sporadically.