Good morning,
I have to convert a string in a url string with hex code.
I found many webapps that makes this but i need to find a web service call like:
https://urlencode.com/<string>
and it response with the string encoded.
example:
call: https://urlencode.com/Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.79 Safari/537.36 Edge/14.14393
response: Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F51.0.2704.79%20Safari%2F537.36%20Edge%2F14.14393
do you know something or i have to make the code manually?
Related
I am using Amazon Cognito with Advanced Security enabled (currently in AUDIT only).
I am not using a hosted UI. I call Cognito via the AWS SDK in PHP from a backend server while the frontend is gathering the data required for Advanced Security according to https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-viewing-advanced-security-app.html
The data gathered looks fine and contains the correct Device and OS from the client. (for example Windows + Chrome).
Decoded payload gathered in the fronted looks like this
'{"payload":"{\\"contextData\\":{\\"UserAgent\\":\\"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36\\",\\"DeviceId\\":\\"XXXX:XXXX\\",\\"DeviceLanguage\\":\\"de-DE\\",\\"DeviceFingerprint\\":\\"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36PDF Viewer:Chrome PDF Viewer:Chromium PDF Viewer:Microsoft Edge PDF Viewer:WebKit built-in PDF:de-DE\\",\\"DevicePlatform\\":\\"Win32\\",\\"ClientTimezone\\":\\"02:00\\"},\\"username\\":\\"XXX\\",\\"userPoolId\\":\\"XXX\\",\\"timestamp\\":\\"1666690380680\\"}","signature":"XXXX","version":"JS20171115"}'
Inside of Cognito it looks like this
The shown device is probably our backend server, this seems wrong.
Backend call looks like this for login
$this->client->initiateAuth([
'AuthFlow' => 'USER_PASSWORD_AUTH',
'AuthParameters' => [
'USERNAME' => $username,
'PASSWORD' => $password,
'SECRET_HASH' => $secret,
],
'ClientMetadata' => [
...
],
'ClientId' => $this->clientId,
'UserContextData' => [
'EncodedData' => $encodedData,
'IpAddress' => $ip,
],
]);
I am also sending this data for forgotPassword, confirmForgotPassword and signUp with the same result showing Linux as device.
Why is the client device from the encoded data not shown in Cognito? It looks like that Cognito is ignoring me sending the encoded data and uses only my request information, which would break the whole concept of advanced security.
After changing from initiateAuth to adminInitiateAuth I can see the correct devices at least in the cognito overview.
I have configured SAML Web SSO for my application.
Today I came across the following scenario:
User tries to access a page of a Service Provider (SP) who is not authenticated and is redirected to the SAML login page of WSO2 to enter his credentials using Local Basic Authenticator.
User opens a second tab with the same Service Provider before authenticating on the first tab.
User logs in successfully on any of the two tabs
Refreshing the tab that is still open on the Login page doesn't login the user, instead displays the login form.
From the http_access_logs I am seeing the following:
When the user tries to authenticate:
[20/Feb/2020:17:02:39 +0000] GET /samlsso?tenantDomain=domain.com&SAMLRequest=abcdef.....&RelayState=myRelayState HTTP/1.1 302 - - Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 0.018
[20/Feb/2020:17:02:39 +0000] GET /authenticationendpoint/login.do?RelayState=myRelayState&.........parameters_ommited..... HTTP/1.1 200 2953 - Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 0.003
[20/Feb/2020:17:02:40 +0000] GET /logincontext?sessionDataKey=e3a4e5c3-60dd-4466-8586-9dae01a4a8d8&.....parameters_ommited.... Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 0.000
This is the flow of the requests when directed from the SP.
However when the user is refreshing the login page, even when he has authenticated on another tab, only the latter two requests are received.
[20/Feb/2020:17:14:26 +0000] GET /authenticationendpoint/login.do?RelayState=myRelayState&.....parameters_ommited..... Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 0.004
[20/Feb/2020:17:14:27 +0000] GET /logincontext?sessionDataKey=e3a4e5c3-60dd-4466-8586-9dae01a4a8d8&.....parameters_ommited...... Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.116 Safari/537.36 0.007
From my understanding the reason is that the user is not directed to the /samlsso on refresh, it asks for the login form directly.
Is the expected functionality that I would like something that the WSO2 server can handle, and if so how?
I was used to type in a browser : http://finance.yahoo.com/webservice/v1/symbols/YHOO,AAPL/quote?bypass=true&format=json&view=detail and parse the answer...
It's not working anymore, see: Has Yahoo finance web service disappeared? API changed? Down temporarily?
The command
curl -A "Mozilla/5.0 (Linux; Android 6.0.1; MotoG3 Build/MPI24.107-55) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.81 Mobile Safari/537.36" http://finance.yahoo.com/webservice/v1/symbols/YHOO,AAPL/quote?bypass=true&format=json&view=detail
gives also
not a valid parameter.
Any idea what's wrong in the request?
Any idea on the way to send the http request directly so it works in a desktop browser?
If you use the headers below in your GET request, it will work...
"User-Agent":"Mozilla/5.0 (iPhone; CPU iPhone OS 9_3 like Mac OS X) AppleWebKit/601.1.46 (KHTML, like Gecko) Version/9.0 Mobile/13E230 Safari/601.1"
I have written the MJPEG streaming server on HTTP. My HTTP server receives the request and sends the MJPEG. So far it is working fine. I am using C++ and POCO library.
The problem that I don't know when to stop the streaming. On stopping the browsing from browser (firefox) it sends same request as when requesting the stream. I used fiddler and following is the HTTP request while requesting and stopping the browser.
Requesting the MJPEG from browser (firefox):
GET http://mymjpegserver.com?vms=dvtel&deviceid=1&rgb=true&server=10.8.10.80&userid=admin&password= HTTP/1.1
Host: 10.1.39.7:8081
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:37.0) Gecko/20100101 Firefox/37.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Stopping the streaming from browser (firefox) by clicking on cross "x" button
GET http://mymjpegserver.com?vms=dvtel&deviceid=1&rgb=true&server=10.8.10.80&userid=admin&password= HTTP/1.1
Host: 10.1.39.7:8081
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:37.0) Gecko/20100101 Firefox/37.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
And then after few moments when ever I switch browser tabs or window it sends following request
GET http://mymjpegserver.com?vms=dvtel&deviceid=1&rgb=true&server=10.8.10.80&userid=admin&password= HTTP/1.1
Host: 10.1.39.7:8081
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:37.0) Gecko/20100101 Firefox/37.0
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
That is only Accept value is changed to "image/png...". But, I can not use this Accept value to differentiate the termination, since this request is only sent when the Tab/Window is switched.
And on closing the Tab, nothing sent to the Http Server.
My question is, how on Web Server I can check the request to stop the streaming?
I want to parse some information from the User-Agent: HTTP header. The problem is that I'm getting two User-Agent: HTTP headers in the same HTTP Request:
CONNECT www.facebook.com:443 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (http://iim.com/a.jph) AppleWebKit/536.6 (KHTML, like Gecko) Chrome/20.0.1092.
CONNECT www.facebook.com:443 HTTP/1.1
Host: www.facebook.com
Proxy-Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.6 (KHTML, like Gecko) Chrome/20.0.1092.
CONNECT www.facebook.com:443 HTTP/1.1
I want the regex to match the non-http portion e.g Windows NT 6.1; WOW64. The flow analyzer software I'm using java regex engine.
My attempts
User-Agent:\s+.*?\((.*?)\)
Its matching both; I want to skip http portion of it.
Use a negative lookahead to prevent the match of http:
User-Agent:\s+.*?\((?!http)(.*?)\)
Though you might want to change the .*? to negated classes:
User-Agent:[^(]+\((?!http)([^)]+)\)