I have an application which uses websso for authentication and I want to test my APIs using Postman. I used Postman Chrome App and Postman Interceptor to capture requests. These requests work fine in Chrome App. Then I've opened my saved requests in Postman Standalone App however they are not working because cookies are not transferred. Is there a way to use those requests in standalone app together with their saved cookies?
#canan,
Postman supports capturing requests and cookies from the v7.14. Install Postman interceptor extension and postman version above v7.14 and start capturing requests and cookies.
For more information on how to use interceptor go through this learning center
Related
I have read tons of SO and no luck. How do I send cookies in API requests from chrome extension?
I want to make a post request to my API through chrome extension. But, the API is protected. Luckily, I can get the cookie for the API if I am already logged into my app with chrome.cookie. But, how do you attach that cookie to the API request?
I can get the cookie of the website with chrome.cookie, but how do I attach that cookie to the API request?
I am implementing consuming a REST API. My development environment is not C#, cURL, PHP, or any other commonly-used environment. I am using a Postman collection furnished by the API's developers as a base for my implementation. Issuing the request works:
Postman screen capture
Automatically added cookies
When I disable the Cookie Jar, the request no longer works in Postman.
I believe that what I need to do is to imitate whatever Postman is doing to retrieve those cookies and include them in the header of my request. How is Postman retrieving those server-side cookies?
While developing a phonegap application, I can see the SetCookie header in responses from XHR login requests to an API I am using. As expected, when I inspect subsequent requests, I see the cookie being sent. I can also see that it is an httpOnly cookie, so I can't store it using scripts.
However, in the Chrome dev tools "Resources" I have no trouble deleting the cookie if I want to.
Yet, when I am running the application on an external iOS or Android device, using the Safari or Chrome Web Inspectors for each respective device, I can't see the cookies in the "Resources" panel. I don't see the cookie headers in requests or responses, either, yet somehow my requests are fine.
Is this a security measure, or is there an bug in my app/API to do with cookies?
I am trying to use rasterize.js from the phantomjs' exmaple folder to capture a web page into PDF. The problem I am having is that the web page requires user log in. Then I saw there is a cookie option for Phantomjs. The web site is Django powered just in case it matters.
So I logged into the site manfully, opened the firebug, and typed document.cookie in firebug. I got the cookie settings and put into my cookies.txt.
[http://localhost:7000]
csrftoken: f3da886168fae33b840e7f6c93240dff
sessionid: 27e90c3214b0ec94dadc739665724708
django_language: en
Then I used the rasterize.js to create the pdf like below:
phantomjs --cookies-file=cookies.txt examples/rasterize.js http://localhost:7000/reports /tmp/report.pdf
But the result is still the log in page.
Have you tried automating the login process in PhantomJS, making sure to include cookies param? This way phantomjs can authenticate a user just like a browser would, using cookies.
Another option would be to inspect the requests using a proxy like fiddler, compare the request made from firefox that works and the request made from phantomjs that is not authenticated. The information in the header should tell you what you are missing.
You can add cookies by using the function phantomjs provides:
http://phantomjs.org/api/webpage/method/add-cookie.html
Found an issue Forms authentication Cookie not sharing between the requests to service.
Cookie '.ASPXAUTH'generated and sent to Browser from the Login service successfully, but not sending the Cookie to consequent requests for the same service.
Found When Calling service from Cloud app the request using HTTP 1.1 and for Response it is HTTP 1.0
More observations with the user of Fiddler and other tools:
Working fine for the following circumstances:
Running Service and Client website from local development system
Hosting Service and Client on same IIS (local and remote)
Accessing based on URLs, cookies transmitted properly
Not working for the following circumstances:
Hosting service and Client in different IIS servers.
Hosting Service in IIS (or Azure) and Client from local development system
Some more details:
Both requests made for the same service i.e. same domain, same protocal, same port nr, etc.
Updates at 20-12-2012 15:14:
As I said earlier Login functionality working on Ajax call without fail, Fiddler shows the Set-Cookie on Response, but Browser not reading the Cookie.
Tried to read document.cookies on "complete:" event of $.Ajax(), where I unable to read the cookie. means browser not getting or holding the cookie (where Fiddler shows on the Response of the same)
Regards,
Ramakrishna
Using the Forms Auth, have you performed some actions to take the ASP.NET Session out of process and out of server?
You cannot share the session between servers, so you have to either use SQL Session State provider and put session into SQL Azure, or use the Windows Azure Cache and provided Session State Provider to storage the session into a cache.
I'm sure you are good in using internet search engines, but here is a list of good articles to start with (taking the session out of process):
http://msdn.microsoft.com/en-us/wazplatformtrainingcourse_buildingappswithcacheservice_topic3.aspx
http://msdn.microsoft.com/en-us/library/windowsazure/gg185668.aspx
http://msdn.microsoft.com/en-us/library/windowsazure/gg278339.aspx