I have a request post the send in acunetix scanner , but don't know how to send it and how to specify the post method , because when i added the headers in the "custom headers" option in acunetix scanner i got the get method sendded instead of the post one .
This is my request to send:
POST /Test/new_date HTTP/1.1
Host: app-test-ext
Content-Type: application/json
Cache-Control: no-cache
{UserName:test01,Password:poper}
Related
Trying to learn the eBay post-order api using Postman. I have put together a simple check_eligibility call using a listing to see how it works. The PostMan http call follows.
POST /post-order/v2/inquiry/check_eligibility HTTP/1.1
Host: api.ebay.com
X-EBAY-API-IAF-TOKEN: TOKEN AgAAAA**AQAAAA**aAAAAA**0QqhYQ**........
Content-Type: application/json
X-EBAY-C-MARKETPLACE-ID: EBAY_US
Accept: application/json
{ /* CheckInquiryEligibilityRequest */
"itemId": 125119365456,
"transactionId": 0
}
No matter how I structure the call I get a 401 unauthorized return. I am using a Auth'n'Auth token which according to eBay documentation, https://developer.ebay.com/DevZone/post-order/concepts/MakingACall.html#example, is acceptable.
Any thoughts?
Thank you in advance.
I'm trying to get all media items in my Google Photos library and referred following documentation link.
https://developers.google.com/photos/library/guides/list
Documentation says client can request pages using pageSize and provided following example.
GET https://photoslibrary.googleapis.com/v1/mediaItems
Content-type: application/json
Authorization: Bearer OAUTH2_TOKEN
{
"pageSize":"100",
}
i think the comma after 100 is a documentation error and i removed it from request, but whenever i add pageSize (or pageToken) parameter, server always return with 400 Bad Request <p>Your client has issued a malformed or illegal request.<ins>That’s all we know.</ins>
Here are some example REST API calls i tried
GET /v1/mediaItems HTTP/1.1
Host: photoslibrary.googleapis.com
Content-Type: application/json
Authorization: Bearer xxx
{
"pageSize":10
}
GET /v1/mediaItems HTTP/1.1
Host: photoslibrary.googleapis.com
Content-Type: application/json
Authorization: Bearer xxx
{
"pageSize":"10"
}
GET /v1/mediaItems HTTP/1.1
Host: photoslibrary.googleapis.com
Content-Type: application/json
Authorization: Bearer xxx
{
"pageToken":"blha blha"
}
Please note that whenever i removed the json from request body, it start returning 200 OK with predefined pageSize. but i would like to control the pageSize and request next pages using pageToken.
Thanks for any guidance on this matter.
I just started looking at this too. Those parameters shouldn't be passed in the body. They are query parameters. So something like this:
https://photoslibrary.googleapis.com/v1/mediaItems?pageSize=100
That worked for me at least. Check out further documentation at https://developers.google.com/photos/library/reference/rest/v1/mediaItems/list to review information about the query parameters.
I am able to successfully use Postman to authenticate and subsequently get data housed within a sandbox but I cannot figure out how to specify the same data within ADFv2.
I'm expecting to retrieve, temporarily store and later use a bearer token that this API generates. This token is then used in the second step that actually downloads the data I want in JSON format.
For the Authentication step, Postman generates code that looks this:
POST /v1/oauth/token HTTP/1.1
Host: api.sandbox.COMPANY.com
Ocp-Apim-Subscription-Key: MYKEY
Content-Type: multipart/form-data; boundary=----
WebKitFormBoundaryALPHANUM
cache-control: no-cache
Postman-Token: MYTOKEN
Content-Disposition: form-data; name="key"
MYKEY
Content-Disposition: form-data; name="grant_type"
vapi_key
------WebKitFormBoundaryALPHANUM--
I've created a linked HTTP and REST connection in ADFv2 with the base URL of "https://api.sandbox.COMPANY.com" and using no authentication.
I cannot figure out how to translate the functional Postman connection to a way that ADFv2 will work. Thoughts?
You could check this example.
https://learn.microsoft.com/en-us/azure/data-factory/connector-http#dataset-properties
I'm trying to connect to a https web service (not .NET as far as I know).
I can't control the other side in any way, I just got some standards and a wsdl to operate
with it.
I have created at first the client using Add Service Reference, tried some things until I get through some problems, where one most serious was that I couldn't add the Authentication header to the message which was resulting in fail.
Added the service using old Add Web Reference and seemed more easily managed and appropriate, using a partial class and override the GetWebRequest, I added this code so I can preauthenticate with the service and add the security header, which they don't mention in the wsdl link. I know that it is not mandatory for services to tell this but it would be nice my Web Service creators fellow developers.
protected override WebRequest GetWebRequest(Uri uri)
{
HttpWebRequest request = (HttpWebRequest)base.GetWebRequest(uri);
if (PreAuthenticate)
{
NetworkCredential networkCredentials = Credentials.GetCredential(uri, "Basic");
if (networkCredentials != null)
{
byte[] credentialBuffer = new UTF8Encoding()
.GetBytes(networkCredentials.UserName + ":" + networkCredentials.Password);
request.Headers["Authorization"] = "Basic" + Convert.ToBase64String(credentialBuffer);
}
else
{
throw new ApplicationException("No network credentials");
}
}
return request;
}
To call the service I added this code:
using (Service client = new Service()) // autogenerated Service class
{
client.EnableDecompression = true;
// Create the network credentials and assign
// them to the service credentials
NetworkCredential netCredential = new NetworkCredential("test1", "test1");
Uri uri = new Uri(client.Url);
ICredentials credentials = netCredential.GetCredential(uri, "Basic");
client.Credentials = credentials;
// Be sure to set PreAuthenticate to true or else
// authentication will not be sent.
client.PreAuthenticate = true;
// Make the web service call.
Request req = new Request { UserName = "test2", Password = "test2"; // an object created from autogenerated code
RequestResult result = client.processMessage(req); // autogenerated code
}
While testing this call and checking with fiddler my request. I see 2 calls a keep alive call with these header, nothing special.
CONNECT server:443 HTTP/1.1
Host: server
Connection: Keep-Alive
Sending 570 returning a 200 result.
HTTP/1.1 200 Connection Established
FiddlerGateway: Direct
StartTime: 00:05:13.743
Connection: close
And the call with the data sending 571 result 500 error:
POST /host/Service HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; MS Web Services Client Protocol 2.0.50727.5448)
Authorization: BasicdXNlcOTc3MzQyMGTDFTR4dftfrdg5 // changed this hash for security reasons
VsDebuggerCausalityData: // Removed this hash for security reasons
Content-Type: text/xml; charset=utf-8
SOAPAction: ""
Host: server-host-url
Content-Length: 7238
Expect: 100-continue
Accept-Encoding: gzip
Connection: Keep-Alive
The error exception in .NET client:
Error on verifying message against security policy Error code:1000
As you see the Authorization header exist. I also tried with adding a space after Basic you can see above where exactly in the overriden method, and seemed fiddler recognized it better and also decoded the username:password header.
This results into that response:
HTTP/1.1 500 Internal Server Error
Date: Sat, 21 Apr 2012 21:05:22 GMT
Server: Oracle-Application-Server-11g
X-Powered-By: Servlet/2.5 JSP/2.1
X-Cnection: close
Transfer-Encoding: chunked
Content-Type: text/xml;charset="utf-8"
Content-Language: en
X-Pad: avoid browser bug
Set-Cookie: BIGipServerpoolXoas243_254_9999=437682499.99988.0000; path=/
The strange thing I wonder first is if the first call should be preauthenticated, the handshake keep alive one? This 500 error I know that causes when authentication header is not present, but mine is. Preauthentication is what I need to know how it should happen and I guess it's not working if it should appear in the 1st message.
Another strange thing is that if I change the 2 pairs of passwords opposite, I see on fiddler that I get 3 messages, 1 with the handshake and result in 200 and "TWO" others with 401 Authorization Required.
This drives me crazy. Any help appreciated to save my soul.
Thank you!
I am trying to set cookie from client using below code snippet, I am using JAXWS RI 2.2.3.
Map<String, Object> ctxt = ((BindingProvider) portType).getRequestContext();
Map<String, List<String>> httpHeaders = new HashMap<String, List<String>>();
httpHeaders.put("Content-Encoding", Collections.singletonList("gzip"));
httpHeaders.put("Cookie", Collections.singletonList(cookie));
ctxt.put(MessageContext.HTTP_REQUEST_HEADERS, httpHeaders);
From the SOAP log I see that Cookie is not getting set, but it's set in the context header.
Any other header is getting set except Cookie and I am not able to find out the reason.
I need to get a session from one service and set it to another service to work with it, but I am not able to do so here.
HTTP headers: {Cookie=[mysession="529fc605-8188-7f3b-21ad-92407976d5a9";], Accept-Encoding=[gzip], Content-Encoding=[gzip]}
---[HTTP request - https://10.112.83.155:443/eam/sdk/]--- Accept: text/xml, multipart/related Accept-Encoding: gzip Content-Encoding: gzip Content-Type: text/xml; charset=utf-8 [] Set-Cookie: vmware_soap_session="529fc605-8188-7f3b-21ad-92407976d5a9"; SOAPAction: "urn:internaleam/2.0" User-Agent: JAX-WS RI 2.2.3-b01-
This was a bug in JAX-WS. Bug link: JAX_WS-1044
Currently fixed in JAX-WS 2.2.7 which is not yet released.