How to get / using request.args.get().
When I send a text containing slash (/) API throws 502 Bad Gateway Error, otherwise it works as expected.
For example when I request /urls/?query=abcd it works fine, but when I request /urls/?query=abc/d API returns with 502 Bad Gateway Error
#app.route('/urls/')
def gl():
query = request.args.get('query', None)
/ is one of those characters that must be "URL encoded" (as %2F). In this case, you'd request
/urls/?query=abc%2Fb
See https://en.wikipedia.org/wiki/Percent-encoding for details, and note the RFC 3986 tables.
Or declare a path argument in your route like this:
#app.route('/urls/<path:query>')
Thus, /urls/query/abc/d should return abc/d into query
(path: Like string but accepts slashes.)
Related
I have an issue when including the special characters such as "#" in Amazon Listing API. For example, the sku, HP-2DP98AA#ABC-200621 will be updating the quantity at 20. However, Amazon API responses InvalidSignature
I did apply the encoding for the SKU before submitting the request to Amazon, but it is failed all the time. Any idea?
the AWS documents selling-partner-api-docs Rest API about how to patch the items URL is PATCH /listings/2020-09-01/items/{sellerId}/{sku}. This means that sku need to add in URL which contains "#" like this.
/listings/2020-09-01/items/{your sellerId}/HP-2DP98AA#ABC-200621
This request URL would be cause the exception or InvalidSignature from AWS , because "#" in URL need to encode "#" to "%23" such as below:
/listings/2020-09-01/items/{your sellerId}/HP-2DP98AA%23ABC-200621
Also, need to add sellerId, marketplaceIds, and sku parameters as well.
Additionally, AWS4 Canonical Request is like below:
AWS4 Canonical Request: '"PATCH
/listings/2020-09-01/items/{your sellerId}/HP-2DP98AA%2523ABC-200621
marketplaceIds={your marketplaceIds}&sellerId={your sellerId}&sku=HP-2DP98AA%23ABC-200621
content-type:application/json; charset=utf-8
host:sellingpartnerapi-na.amazon.com
x-amz-access-token:Atza|...
x-amz-date:20210831T190152Z
x-amz-security-token:Fwo...
content-type;host;x-amz-access-token;x-amz-date;x-amz-security-token
d1809d68......"
I created an API Gateway which contains multiple query parameters.
When I try to invoke its URL on Postman it works very well:
'https://xxx.execute-api.eu-central-1.amazonaws.com/stage/getfile/test.csv/.'
But, when I simulate the same request on Lambda, I get a Missing Authentication Token error.
headers = { 'Content-Type': 'application/json'}
url= 'https://xxx.execute-api.eu-central-1.amazonaws.com/stage/getfile/test.csv/.'
r=requests.request("GET",url,headers=headers)
r.text
'{"message":"Missing Authentication Token"}'
Replacing the dot "." by another character in the URL makes the error disappear but I need to send a dot.
No solution is possible for this kind of problem. I had to replace "." with dot and manage it with my code.
I recently experienced that on django rest framework a http 301 status code is returned when making a delete request, without including the trailing slash in the url when trailing_slash=True. While missing the trailing slash on a post request would return a runtime error. So my question is, is this a bug or is it expected behavior?
The 301 is expected because Django redirects you to the URL with the trailing slash since you have trailing_slash=True. See APPEND_SLASH settings if you want to change that.
I have 2 requests
1st Request
After did my first request, I get the response where I can parse for a taskId
In my test tab, I will then parse and store it like this
let taskId = pm.response.json().body.result[0].data.task
console.log(taskId)
I can see taskId printing in my console as 938
2nd Request
I require making a GET with this dynamic URL with the taskId that I got from the first one
http://localhost:3000/fortinet/monitor/{{taskId}}
So I set the above URL , set the HTTP verb to GET
in my Pre-request Script tab, I did this
let taskId = pm.globals.get("taskId")
Result
ReferenceError: taskId is not defined
Image Result
How can I debug this further?
The most suggested way is to use :key as in
http://localhost:3000/fortinet/monitor/:taskId
See the colon before taskId. The reason being, URI values sometimes many not be environment dependent. So, based on the usecase, you can use like I said or {{taskId}}
You have to set variable, but you are doing it wrong.
try this:
pm.globals.set("taskID", pm.response.json().body.result[0].data.task)
more you can read here:
https://learning.postman.com/docs/postman/variables-and-environments/variables/
Please note, that URL which ends with resource identified like https://example.com/:pathVariable.xml or https://example.com/:pathVariable.json will not work.
You can go with https://example.com/:pathVariable with Accept: application/json header.
For passing dynamic value, first you have to set it in environment or global variable in Tests tab because tests runs after request and you will get response value after request sent, but because you get response in json you have to first parse it, so what you can write in Tests tab is as follows:
var jsonData = JSON.parse(responseBody);
postman.setEnvironmentVariable("taskId", jsonData.token); // OR
postman.setGlobalVariable("taskId", jsonData.token);
Then you can use taskId as {{taskId}} wherever you want in url parameters or in request body or form data wherever.
If you want to know in detail how to extract data from response and chain it to request then you can go to this postman's official blog post which is written by Abhinav Asthana CEO and Co Founder of Postman Company.
I am developing a ExtJS application that uses a Django-rest-framework service. I am using CORS headers to allow fetching the data from the service (https://github.com/OttoYiu/django-cors-headers).
What happens is that at a point in time I want to change the URL from the store. And when I do that I get the following error:
XMLHttpRequest cannot load http://10.98.0.241:8000/reacsearch/as?_dc=1418831884352&page=1&start=0&limit=25. The request was redirected to 'http://10.98.0.241:8000/reacsearch/as/?_dc=1418831884352&page=1&start=0&limit=25', which is disallowed for cross-origin requests that require preflight.
In the settings.oy I define the following properties for the CORS
CORS_ALLOW_METHODS = (
'GET',
'OPTIONS'
)
CORS_ORIGIN_ALLOW_ALL = True
This works fine when I use URLs to list all the elements in my database, however when I change the store for another URL I get the error above. Also the link works fine in the browser.
The store url change is made this way:
var store = Ext.getStore(storeName);
store.getProxy().setUrl(newURL);
store.load();
The difference between the views, is that the two that work on the application are viewsets, while the other is just a generic list
class Example1viewset(viewsets.ModelViewSet):
"""
API endpoing that allows metabolites to be viewed.
"""
queryset = examples1.objects.all()
serializer_class = Example1Serializer
class Example1SearchList(generics.ListAPIView):
serializer_class = Example1Serializer
def get_queryset(self):
queryset = Example.objects.all()
if 'attr' in self.kwargs:
queryset = queryset.filter(Q(attribute1__contains=self.kwargs['attr']) | Q(attribute2__contains=self.kwargs['abbr']))
return queryset
Like I mentioned both examples work fine in the browser (even accessing through other computers in the network), however in the application when changing the URL of the store I get the CORS error. Does anyone has any idea why this is happening?
Thank you.
Edit:
Just for clarification, the problem is not in changing the url of the store. As I tried to set those urls as defaults, but they are not working when accessing from the application.
My urls.py file:
router = routers.DefaultRouter()
router.register(r'example', views.Example1ViewSet)
# Wire up our API using automatic URL routing.
# Additionally, we include login URLs for the browsable API.
urlpatterns = [
url(r'^', include(router.urls)),
url(r'^reacsearch/(?P<attr>.+)/$', Example1SearchList.as_view()),
url(r'^api-auth/', include('rest_framework.urls', namespace='rest_framework'))
Can it be that the problem is related with the fact that I am not adding the search list to the router?
Edit2
Problem solved since I was trying to fetch data from a different domain. I changed the type of store to jsonp in Extjs, and I also allowed my rest service to render data as jsonp.
Just a reminder if anyone comes accross this same problem, it is necessary to add ?format=jsonp to the store url:
http://my/url/?format=jsonp
Since it looks like an alternate solution was found, I'll explain what the issue appeared to be as well as why the alternative works.
XMLHttpRequest cannot load first url. The request was redirected to 'second url', which is disallowed for cross-origin requests that require preflight.
The issue here is that you are telling Django to enforce the trailing slash, which makes it automatically redirect urls without a trailing slash to urls with a trailing slash, assuming that one exists. This is why, as stated in the error, the request was redirected to the second url, which you can tell has the missing trailing slash. This is controlled by the APPEND_SLASH Django setting which is True by default.
The problem is that when CORS is doing a preflight request, which is what allows it to determine if the request can be made, there must be a valid response at the requested URL. Because you are redirecting the request, the preflight request fails and you're stuck without your information.
You can fix this by adding the trailing slash in your code. There appear to be a few solutions for doing this with ext, but I personally can't recommend a specific one. You can also manually set the url to use the trailing slash, which sounds like what you were doing previously.
Or you can use JSONP...
You've found the alternative solution, which is to use JSONP to make the request instead of relying on CORS. This gets around the preflight issue and works in all major browsers, but there are some drawbacks to consider. You can find more information on CORS vs JSONP by looking around.
You're going to need CORS if you want to push any changes to your API, as JSONP only supports GET requests. There are other advantages, such as the ability to abort requests, that also comes with CORS.