I'm trying to send https requests with python "requests" lib
payLoad = {'session_id': str(webSessionId), 'Merchant': 'Company'}
resp = requests.get(url, params = payLoad, cookies = cookiesSession, headers = headers)
print resp.url
But I'm getting server error 400. At the same time if to check url from sent request can see following:
https://url/error
Passed parameters are missing.
If to remove cookies following url is returned:
https://url?Merchant=Company&session_id=d1160eda748a5ede015bbe1abe35606138086fc8
But Server returns 403 error(authorization)
Cookies and headers are valid as were successfully used in previous two https request. But here is some strange situation. How can I send "get" request with params and cookies?
Related
I have a Resource that will need credentials
I have set up my flask-cors like so
CORS(
app,
resources={"/*": {"origins": ["http://localhost:3000", "http://localhost:1002"]}},
allow_headers="*",
supports_credentials=True,
)
config variables
CORS_EXPOSE_HEADERS = ["tokens", "Set-Cookie", "Access-Control-Allow-Origin"]
CORS_SUPPORTS_CREDENTIALS = True
here is the network details of my preflight request
I want the header 'tokens' to be sent to my post request, but it isn't.
all get requests works.
i have credentials in cookies that must be sent over a post request, but they are not present.
however, they are present in get requests
here is my flask cors config
CORS(
app,
resources={"/*": {"origins": ["http://localhost:3000", "http://localhost:1002"]}},
allow_headers="*",
supports_credentials=True,
expose_headers=[
"tokens",
"Set-Cookie",
"Access-Control-Allow-Origin",
"Access-Control-Allow-Credentials",
],
)
here is the response from preflight (options)
As you can tell I have allow credentials true, and my allow-origin is explicitly set to an origin
again, all get requests succeed, while all post requests fail with a 401 where the cookies are nowhere to be found.
As I see from the answer for this question: Karate will automatically send any cookies returned by the server in the next request.
But when I send the request I see two sets of cookies in Set-Cookie of response: one is auto-created and another is real, that returned from the server.
When I printed responseCookies, I saw there only automatic cookies
and for the next request new cookies are generated and sent.
For my test I need to use cookies returned after the first request because it is a call to login service.
Feature: Using cookies in next request
Background:
Given url baseUrl
And path LOGOUT_SERVICE_ENDPOINT
And configure headers = read('classpath:headers.js')
And def filename = 'classpath:resources/users/' + brand.toLowerCase() + '/user.json'
And json user = read(filename)
Scenario: Login
When def login = callonce read('classpath:features/login_service/login.feature') user
* print login.responseCookies
And request { arg1: '#(brand)'}
And method post
Then status 200
What is wrong in my feature or it is Karate issue?
two sets of cookies in Set-Cookie of response:
Maybe that is a bug in the server ?
Also try using "shared scope", because cookies also will be part of the "global" variables etc.
* callonce read('classpath:features/login_service/login.feature') user
* request { arg1: '#(brand)'}
If you are still stuck, please follow this process: https://github.com/intuit/karate/wiki/How-to-Submit-an-Issue
Editing again with more updates:
Trying to troubleshoot python-requests to see if something is wrong with a PUT request, but not sure how to proceed.
Below is a snippet of my code:
def API_request(url=None, headers=None, payload=None, update=False):
r = None
if update and headers and payload:
print "put request to %s with %s of %s" % (url, headers, payload)
r = requests.put(url, headers=headers, data=payload)
if headers and payload and not update:
print "post request to %s with %s of %s" % (url, headers, payload)
r = requests.post(url, headers=headers, data=payload)
print r.status_code
print r.text
When the above sends a POST request to create a record, it works. However, whenever it sends a PUT request, I get a 401 error: "Authentication credentials were not provided." This happens across multiple endpoints.
401
{"detail":"Authentication credentials were not provided."}
If I copy/paste the relevant printed output from the above PUT print function into a direct HTTPie request, it works. The below request results in a successful 200 response and updated record on the server:
http --debug PUT [url] < [file containing payload] Authorization:'Token [token]'
If I hard code a simple script that does nothing more than import python and json and PUT the exact same data to the same url using the same headers (printed form the original statement), it works. The below script results in a successful 200 response and updated record on the server:
import requests, json
url = "[my url"
headers = {'Content-Type': 'application/json', 'Authorization': 'Token [my token]'}
data = {[my data]}
payload = json.dumps(data)
r = requests.put(url, headers=headers, data=payload)
print r.status_code
print r.text
I've sent the information from both scripts to https://requestbin.fullcontact.com/ and they look to be identical.
BIG ISSUE:
After an entire day of debugging I figured out that even the requests that were generating a 401 error were successfully hitting the server and updating the appropriate records. Put simply, this would not be possible without a correct and functional authentication. Given that, why would I be getting a 401 error from the PUT request?
Happy to answer any questions in comments.
The above was sending a follow-up GET request (without the header, so it was failing) after successfully sending the PUT request (which was succeeding). I caught this by logging all requests hitting the server.
I figured out why the follow up GET was being sent and corrected that. I still don't understand why the r.code and r.text response from the successful PUT was never printing and hitting the console. Had I seen that, it would have been much easier to find. However, since the main problem is resolved, I can't spend time troubleshooting that.
I should have been seeing both responses - the success and the fail in the console - problem for another time.
I am trying to load a web page and monitor it for XHR (XMLHttpRequests). To do this I am using Ghost.py with Python2.7. I can see the XHR being made and can read the URL and response, however I would like to read the request body so that I can recreate these requests at a later date.
from ghost import Ghost, Session
ghost = Ghost()
with ghost.start():
session = Session(ghost, download_images=False, display=False)
page, rs = session.open("https://www.example.com/", timeout=60)
assert page.http_status == 200
result, resources = session.wait_while_selector('[class=loading]:not([style="display: none;"])', timeout=60)
for resource in resources:
print resource.url
print resource.content
I have searched within the documentation, but cannot find any references to XHR request body and I have searched within the returned resources object for references to the request, but can only find request.headers (which does not include the POST body) and the _reply data.
Can you save the POST body of a XHR request as well as the response?