How can I force cURL to send an invalid HTTP header, as follows:
curl -k 'https://192.168.1.1/' -H 'Host: 192.168.1.1' -H 'blah' -H 'Accept-Encoding: gzip, deflate, br' -H 'Accept-Language: en-US,en;q=0.8'
When I try the above, cURL helpfully leaves out the invalid header.
You can, but it's slightly more convoluted than that. curl will check that you use a colon and avoid passed in headers that don't have colons. But you can trick curl's colon check by passing in a header with embedded CRLF that then creates two header lines, and one of them can then be without colon.
For example like this:
curl -H "`printf "Foo: bar\r\nblah"`" -v localhost
(-v of course lets you see the actual request curl uses)
Related
I want to manually POST JSON data using just a keyboard and ssh connection (i.e. without cURL). The cURL functionality I'm trying to replicate which works great is equivalent to:
curl -s -w '\n' -X POST -D - \
-H "Content-type: application/json" \
-d '{"param1":"value1","param2":"value2"}' \
https:///myserver.com/mypath
However, when I connect manually:
openssl s_client -connect myserver.com:443 -quiet
and then enter
POST /mypath HTTP/1.1
Host: myserver.com
Content-type: application/json
Accept: application/json
{
"param1": "value1",
"param2": "value2"
}
I get the message "Json content error HV000116: The object to be validated must not be null." I've tried every variation I can think of with whitespace, and encoding, but I still get the error. I know I'm missing something simple, but what is it?
Doh! Just needed to add the Content-length header and everything worked
I tried generating a cURL request from Postman (using code option of postman).
As the request contains an input pdf file, there are certain header properties that are being added by postman.
Below is the curl that is generated (almost similar, changed some header for security reasons), response received 500, internal Server Error, "Current request is not a multipart request"
http://localhost:8080/test \
-H 'Accept: application/json' \
-H 'Content-Type: application/x-www-form-urlencoded,multipart/form-data; boundary=--------------------------895926775956600620357522' \
-H 'Some-Key: abcd' \
-H 'cache-control: no-cache' \
-F file=#/C:/path/to/my/file/abc.pdf
If you want to send the multipart request in Postman, you just need to do the following:
Don't specify a Content-Type in Header.
In Body tab of Postman you should select form-data and select file type
Read more here.
I am trying to send this HTTP request in Postman application:
curl -v https://api.someurl.com/z1/lists \
-X POST \
-H "Content-Type: application/json" \
-H "Authorization: authorization" \
-d '{ "list_id": "DXVBDAD" }'
Any body knows what -d stands for? and where should I put it in Postman?
The documentation says this:
(HTTP) Sends the specified data in a POST request to the HTTP server[...]
So this will be the body of your POST request. In Postman you have to put it into the 'body' field. There select 'raw' and then select 'application/json'.
Because that's the Content-Type of your request, specified with -H.
The -d or --data option makes the curl command send data in POST request to the server. This option makes the curl command pass data to the server using content-type (JSON in your case) just as the browser does when a user submits a form.
I'm newbie on this so I would like your help, according to CrazyCall docs I want to test those code examples in terminal using CURL, for example this one:
GET /api/v1/users HTTP/1.1
x-api-token: your-secret-api-key
Account: your-account-hash.crazycall.com
Host: api.crazycall.com
I tried to convert to curl and execute like this:
curl -XGET -H 'x-api-token: mdsRFGRV23XXXXXXX' -H 'Account: lopDOPLSVXXXX.crazycall.com' -H 'Host: api.crazycall.com' /api/v1/users
But it shows me a message <url> malformed
I also added "Content-type: application/json" header but it's still the same.
How can I fix it?
Prepand the protocol and domain (https://api.crazycall.com) to your path (/api/v1/users):
curl -X GET -H 'x-api-token: mdsRFGRV23XXXXXXX' -H 'Account: lopDOPLSVXXXX.crazycall.com' -H 'Host: api.crazycall.com' https://api.crazycall.com/api/v1/users
There is a sample in Jira API doc:
curl -D- -X GET -H "Authorization: Basic ZnJlZDpmcmVk" -H "Content-Type: application/json" "http://kelpie9:8081/rest/api/2/issue/QA-31"
What exactly does the -D- parameter mean? There is no description in curl documentation.
I'm also not sure whether -D- and -D mean the same thing.
It dumps headers to stdout.
The -D flag dumps headers to a file, and the following - instructs it to dump to stdout. From the linked spec:
-D, --dump-header
Write the protocol headers to the specified file.
It doesn't specify for this option, but this works like other options that take a filename:
Use "-" as filename to have the output sent to stdout.