Does nginx strip custom request headers? - nginx

In my nginx.conf I have this line in my server {} section:
log_format debug 'header: "$http_x_myapp" cookies: "$http_cookie"';
Then if I do
curl -H "X_MYAPP:test" -H "COOKIE:yay" localhost
I get something like this in my access log:
header: "-" cookies: "yay"
Does anyone know why nginx is throwing away the X_MYAPP header?

Oops... I'm stupid.
curl -H "X-MYAPP:test" -H "COOKIE:yay" localhost
works... stupid underscores...

The correct way to send cookies with curl is with the -b options:
curl -b 'yay' http://localhost

Related

How do I manually POST JSON data with only an ssh connection (no cURL or other utility)

I want to manually POST JSON data using just a keyboard and ssh connection (i.e. without cURL). The cURL functionality I'm trying to replicate which works great is equivalent to:
curl -s -w '\n' -X POST -D - \
-H "Content-type: application/json" \
-d '{"param1":"value1","param2":"value2"}' \
https:///myserver.com/mypath
However, when I connect manually:
openssl s_client -connect myserver.com:443 -quiet
and then enter
POST /mypath HTTP/1.1
Host: myserver.com
Content-type: application/json
Accept: application/json
{
"param1": "value1",
"param2": "value2"
}
I get the message "Json content error HV000116: The object to be validated must not be null." I've tried every variation I can think of with whitespace, and encoding, but I still get the error. I know I'm missing something simple, but what is it?
Doh! Just needed to add the Content-length header and everything worked

HTTP/1.1 Post to D-Link Camera

I am trying to use an HTTP POST command directly to a D-Link DCS-932L camera (I have one camera on F/W 1.12 and another on 1.14, if that helps). I keep getting the 404 File Not Found error.
Running Fiddler, I've turned on motion in the browser and seen the following request:
POST /setSystemMotion HTTP/1.1
Syntax is
ReplySuccessPage=motion.htm&ReplyErrorPage=motion.htm&MotionDetectionEnable=1&MotionDetectionScheduleDay=0&MotionDetectionScheduleMode=0&MotionDetectionSensitivity=45&ConfigSystemMotion=Save
If I try to turn on motion using an HTTP POST command via the Chrome Extension Postman using the exact same request and syntax I get
<html><body><h2>Error: File Not Found</h2>
<p>getfile: Cannot open URL(/etc_ro/web/setform/setSystemMotion,No such file or directory)</p></body></html>
It seems that the camera's server has decided to route my ./setSystemMotion to this ./etc_ro/web/setform folder. I'm happy to provide more details, but can anybody shed some light on what might cause that change?
Thanks!
I've the same issue.
resolved with this curl command taken from the below forum
curl "http://<IP>/setSystemMotion" -H "Host: <IP>" \
-H "Referer: http://<IP>/setSystemMotion" -H "Authorization: Basic <AuthCode>" \
-H "Connection: keep-alive" -H "Upgrade-Insecure-Requests: 1" \
--data "ReplySuccessPage=motion.htm&ReplyErrorPage=motion.htm&MotionDetectionEnable=1&MotionDetectionScheduleDay=127&MotionDetectionScheduleMode=1&MotionDetectionScheduleTimeStart=07"%"3A10"%"3A00&MotionDetectionScheduleTimeStop=18"%"3A50"%"3A00&MotionDetectionSensitivity=70&ConfigSystemMotion=Save"
https://www.developpez.net/forums/d1424172/systemes/hardware/achat-conseils/peripheriques/camera-ip-commandes-url-api-dlink-dcs-932l/#post8858654

Pass SSOTokenID as set-cookie value in OpenAM

I'm using openam OAuth/OpenID for user authentication. As mentioned in the documentations, I could get SSOTokenID as a JSON object by making following HTTP request.
curl -X POST -H "X-OpenAM-Username: demo" -H "X-OpenAM-Password: changeit" -H "Content-Type: application/json" -d '' -k -v https://openam.example.com:8443/openam/json/authenticate?realm=/
Instead of that, I want to get SSOTokenID as the Set-Cookie header value of the HTTP response. Are there anyway that i can do it?
Assuming you are only using an authentication module that accepts a NameCallback and PasswordCallback (as you used in your example), then you can just use the legacy UI zero-page login , you need to disable XUI though
Using your example
curl -X POST -d 'IDToken1=demo&IDToken2=changeit' -k -v https://openam.example.com:8443/openam/UI/Login?realm=/

How do you upload a file to a Milton WebDAV server using curl?

When I try to curl using the -T option, I get an empty reply:
$ curl --digest -u me:pwd -H "Content-Type:application/xml" -T test.xml http://localhost:8085/
curl: (52) Empty reply from server
Anyone know the incantation? The server works fine when connecting to it from the WebDAV client built into MacOSX.
By default curl sends Expect: Continue, but unfortunately java web containers don't play nicely with the Expect header. The simplest answer is to instruct curl not to send that header:
curl --digest -u a2 -H "Content-Type:application/xml" -H "Expect:" -T TestPBE-workspace.xml http://localhost:8080/users/a2/files2/
The better solution is to make expect:continue work, but from the research i've done it appears that depends on what web container you're using.

how to access GSA API

I have a Google Search Appliance and am trying to access the API to download the Event Logs. I am using curl through cygwin on the Windows 7 command line.
I am able to get an authentication token using
curl -X POST -d Email=username -d Passwd=password "http://ip.ad.dr.ess:8443/accounts/ClientLogin"
My problem is that when I attempt to retrieve the even logs themselves:
curl -k -X GET -d query=User -H "Content-type: application/atom+xml" -H "Authorization: GoogleLogin Auth=e73265ce254f7c4afbcbee1743a56e81" "http://10.29.5.5:8000/feeds/logs/eventLog"
curl says that it cannot reach the host:
curl: (7) couldn't connect to host
Any help in getting this to work is greatly appreciated.
Check if you can telnet to the IP-address. If you get a timeout there you should check firewalls etc.
C:\> telnet 10.29.5.5 8000
This looks like a more generic network problem than a problem with either the GSA or Curl.
The problem turned out to be the configuration with my GSA. The GSA is configured to require communication over HTTPS. Because all GSAs default to HTTP traffic over port 8000 and HTTPS traffic over 8443, my problem was solved by sending the following:
curl -k -X GET -d query=User -H "Content-type: application/atom+xml" -H "Authorization: GoogleLogin Auth=e73265ce254f7c4afbcbee1743a56e81" "https://ip.ad.dr.ess:8443/feeds/logs/eventLog"

Resources