I'm working on validating a large amount of data. My Get request returns a JSON file with all of the information I need. My Put request needs to have all of that information, but also modify a few fields. Right now, I save all of the fields as separate environment variables, which are then pumped into the Put body.
Is there a quicker way of doing this, since I'm working with around ~100 different fields? Can I save the entire Get request in a single variable, which I then place in the Put? It hasn't worked so far, but I'm wondering if I'm missing something.
Nevermind, found the answer here https://github.com/postmanlabs/postman-app-support/issues/1825
Related
I was playing with Postman Flows, and I was trying to learn by using the Trello API. All requests work on their own if executed manually. I've also debugged values using the terminal to understand where the problem lies. Before that, here's a summary of what I'm doing.
Get all boards for a given trello workspace
For each board, delete that board.
The complete flow looks like this:
I've checked that on the last block Send Request, the looped value of /variable/id outputs the proper board id. I've done this by checking with a terminal block and a string block. I started suspecting that this is caused by a failure of Postman to understand that the variable I'm trying to use is a path variable and not a query parameter. As such I tried to pass a static value to the Send Request and it 404'ed as well (tech aside: in theory for n ids it should give me one 200 and n-1 404s since the variable is static and the board would not be able to be deleted multiple times).
My suspicion comes from the fact that when configuring the block for this request:
You do not get prompted to add the board variable. I've tried to type it in anyway, and even use combinations like :board, with no avail. In fact like I said above, if I use these variables with static values, it still 404s.
ignore the parsing message on the right hand side...
As you can see, board doesn't show up. Did I end up hitting a bug, or is this user error? One thing I do not know how to do, but would help clarify that the issue is that a null value is being passed on to the DELETE would be to output the request itself. On a terminal block I can only see the response.
Thanks in advance.
UPDATE:
After checking the Postman console on the app, I've noticed that in fact the path variable being used is whatever is set on the collection request. It's like it takes the URL as a static field and disregards the path variables. Any thoughts?
Path variables won't be available in your Send Request. Instead, define your path variable with an environment/collection/global variable (i.e. {{board}}) in the value of the path variable. Then it will show up the relevant block of your flow.
My first step is always the same - log in. When I log in I need to get four pieces of information from the headers. I then need to use those four cookies/values/whatever for subsequent actions (POST, PUT, GET, etc...)
Is there a way to save those four pieces of information from the headers into variables so that I can use them in my next query? Since my session seems to time out after like 3 minutes all the copy and pasting is driving me mad.
I found this for the response body:
var jsonData = JSON.parse(responseBody);
postman.setEnvironmentVariable("token", jsonData.token);
How can I do something like that but for information returned in the header?
if this is still an issue for you, you may have a look at this: https://www.getpostman.com/docs/postman/scripts/postman_sandbox
In paragraph "Request/response related properties" you have information on how to extract data from headers (request or response) and in the paragraph above, how to get data from cookies ...
hope this helps
Alexandre
I am using redirectTo() function with params to redirect to another pages with a query string in the url. For security purpose this does not look appealing because the user can change the parameters in the url, thus altering what is inserted into the database.
My code is:
redirectTo(action="checklist", params="r=#r#&i=#insp#&d=#d#");
Is there anyway around this? I am not using a forms, I just wish to redirect and I want the destination action/Controller to know what I am passing but not display it in the url.
You can obfuscate the variables in the URL. CfWheels makes this really easy.
All you have to do is call set(obfuscateURLs=true) in the config/settings.cfm file to turn on URL obfuscation.
I am sure this works with linkTo() function. I hope it works with RedirectTo() funcation as well. I do not have a set up to check it now. But if doesn't work for RedirectTo(), you can obfuscateParam() and deObfuscateParam() functions to do job for you.
Caution: This will only make harder for user to guess the value. It doesn't encrypt value.
To know more about this, Please read the document configuration and defaults and obfuscating url
A much better approach to this particular situation is to write params to the [flash].1 The flash is exactly the same thing as it is in Ruby on Rails or the ViewBag in ASP.Net. It stores the data in a session or cookie variable and is deleted at the end of the next page's load. This prevents you from posting back long query strings like someone that has been coding for less than a year. ObfuscateParam only works with numbers and is incredibly insecure. Any power user can easily deobfuscate, even more so with someone that actually makes a living stealing data.
I'm working with SWFUpload and Django, and I've noticed that authentication tends to break.
There is one part that is holding me up and I'm looking for direction more then a solution as I think know the solution is not yet available. (So I'm making it. )
I need to know how Django creates the WSGI request-object and how it's handled.
After looking at the source of django, it seems that csrf is done via the WSGIobject which have the appropriate cookeis appended to it. Naturally flash posts do not support this unless specified. SWFUpload offers the ability to send cookie data in the post params via a plugin, however I'd like to send them via headers on the URLRequest object. ( So that the Auth-Middleware and CSRF-Middleware can see it. )
My goal is to upgrade SWFUpload to send headers containing the values for what ever objects I pass it. The hard part for me is to figure out how those headers will be interpreted.
How does Django create the request.META object? | Where is the request.session object created?
I'm reading up on the WSGInterface now, but I'd like to accelerate this research. Thanks!
I believe what you're looking for is django.core.handlers.wsgi.
I'm trying to POST some JSON and a binary file from an iPhone to a Django server running django-piston using ASIHTTPRequest
I know how to get it to work if I am ONLY sending JSON strings, and I know how to make it work if I am ONLY sending a file, but doing both is tricky.
So we'll start with ASIHTTPRequest code
ASIFormDataRequest *request = [[ASIFormDataRequest alloc] initWithURL:url];
[request setRequestMethod:#"POST"];
[request setPostFormat:ASIMultipartFormDataPostFormat];
[request appendPostData:[#"{\"save\":{\"name\":\"iostest\"}}" dataUsingEncoding:NSUTF8StringEncoding]];
[request addData:UIImageJPEGRepresentation([UIImage imageNamed:#"test.jpg"], 1.0f)
withFileName:#"test.jpg"
andContentType:#"image/jpeg"
forKey:#"data"];
[request setDelegate:self];
[request startAsynchronous];
My best idea here is that adding raw string data directly to the POST body and then adding a file just doesn't work.
But if I instead try
[request setPostValue:#"{\"name\":\"iostest\"}" forKey:#"save"];
Then the piston data dictionary will store ['save'] as a string instead of a deserialized object, so it will literally deliver the string
"{\"name\":\"iostest\"}"
Here's my Piston handler code
def create(self, request):
data = request.data
print(data['save']) #{\"name\":\"iostest\"}"
print("Files: " + request.FILES['data'].name) #test.jpg
print("Data Save Name: " + data['save']['name']) #crash, interprets this as a string indeces lookup
Ideas are welcome.
I have basically hacked my way around this.
The basic problem is that the request format in which Django expects files to be submitted to the server is one which django-piston literally just drops the ball on.
When it encounters multipart requests, it simply doesn't try to parse the data.
The solution to this problem is to manually call the parsing engine, which, in the case of JSON, is straight out of django.utils (which is kind of disappointing).
You achieve this by using ASIHTTPRequest (or the request module of your choice) to set a standard post value by key, and then access it the old fashioned way.
from django.utils import simplejson
data = simplejson.loads(request.POST['save'])
Which basically just reduces this handler method at this point to nothing more than a regular old Django view in terms of the steps you have to take to get it going.
So clearly, django-piston is not built to deal with files apparently?
My best idea here is that adding raw
string data directly to the POST body
and then adding a file just doesn't
work.
That wouldn't work, no. If you're POSTing form data using 'application/x-www-form-urlencoded' format, or 'multipart/form-data' you're not going to be able to just tack some extra data on the end - it needs to go in as part of the form data. Something like this I guess...
[request setPostValue:#"{\"save\":{\"name\":\"iostest\"}}" forKey:#"data"];
But if I remove the string data and only post the file it still doesn't work.
Is more problematic...
or if it's Piston erroneously misreading the data.
I probably wouldn't look in that direction first - piston doesn't really mess with the request object, so it seems more likely that the ASI request isn't quite right.
I think the place to start would be to inspect the incoming request and check that it really is a valid formPOST request:
Check that request["CONTENT_TYPE"] is set to 'multipart/form-data'
Inspect the request.raw_post_data and make sure that it is valid form data as specified in http://www.w3.org/TR/html401/interact/forms.html#h-17.13.4.2 - check that the key names are as you expected and that the file content is present. (Obviously you'll want to use a small text file when you're testing this!)
Check which keys actually are present in request.FILES, if any, in case it's as simple as something like a misnamed field.
Failing all that I'd try to narrow down if it's a problem on the client or server side by trying to write a plain python client and seeing if you have the same issue then. Looking around, something like this: http://atlee.ca/software/poster/ might be useful.