I am trying to call a webservice from Postman client and while doing this I am passing a value which has '#' in it. Example:
test = "43543#324#435"
But when I enter this value and click somewhere else it will remove all characters from first '#' including '#'. So the parameter will become:
test = "43543"
What should I do so that I can pass a parameter with '#' in it?
Note: 'Postman' is a Google Chrome add-in to test Rest webservices.
You should not use # in your URL parameters.
You can find out why in this answer here: Characters allowed in GET parameter
Not use # in URL so use encode of # is %23 and replace #.
for example show in below.
test = "43543%23324%23435"
I got the solution.
As some special characters are not allowed in URL, so we need to encode them. For this, in bulk edit mode for key-value pair, select value which contains special characters and right click. Select 'EncodeURIComponenet' and send request. It will work :)
Related
I have a search box.
I search for: <- blank spaces in my search box.
My form validation catches this.
The URL shows: ++++++++++++++++
If I search for: <script>alert(1);</script>
The URL shows: <script>alert%281%29%3B<%2Fscript>
The Question
Where in Django can I alter / change / modify the request that determines the request URL? I'm thinking middleware but I haven't found an example. Would I have to create an entirely new HttpRequest from scratch?
Why do I want to?
I want to encode the URL differently. For example, strip all punctuation from the q= value, replace whitespace, strip, replace single spaces with + to have cleaner URLs.
Really looking for a clear example with CODE.
I'm trying to use APEX_UTIL.PREPARE_URL to produce an APEX URL for a page that requires a checksum, and I'm trying to set a page item on the destination page to a value that contains special characters. Assume for this question that the only special characters that I'm passing are commas, though my problem seems to apply to all special characters.
According to the APEX URL documentation, an item value that contains a comma needs to be enclosed by backslashes. So when I build my URL, I end up with something like this:
f?p=112:50:session::::P50_PAGE_ITEM:\123,abc\:
Then I pass this URL through APEX_UTIL.PREPARE_URL:
APEX_UTIL.PREPARE_URL('f?p=112:50:session::::P50_PAGE_ITEM:\123,abc\:')
When I try to follow the link that's returned, I get the following error:
The checksum computed on the request, clear cache, argument names, and argument values (...) did not match the checksum passed into the show procedure.
If I try passing a value that does not contain commas and I remove the backslashes, the value is passed without a problem.
How can I get a valid checksum for a URL that does contain the backslashes so that I can pass values that contain commas (and other special characters)?
APEX_UTIL.PREPARE_URL should handle backslashes fine. The region that contains the resulting URL may be escaping the special characters, causing the checksum mismatch.
To test the actual output of APEX_UTIL.PREPARE_URL, try outputting your URL in a PL/SQL Dynamic region. For example:
DECLARE
l_url VARCHAR2(200) := 'f?p=112:50:session::::P50_PAGE_ITEM:\123,abc\:';
BEGIN
htp.p('page 52');
END;
Suppose I am hitting the URL
http://www.example.com?state=env,test,appname,maha,observation_code,123456
and in $args_state I am getting this string
state=env,test,appname,maha,observation_code,123456
I want value between first and second comma
In this example if we perform regex then it should return test. based on that value I want to redirect url to somewhere else.
I am making some changes in nginx.conf file.
Unless other conditions are needed, simple string functions will more than suffice:
t = """state=env,test,appname,maha,observation_code,123456""".split("=")[1].split(',')[1]
print(t)
# test
I'm working on script that would show potentially dangerous HTTP requests, but I don't know how to filter URI in HTTP request correctly. The idea is to look if any URL is contained in GET parameters, but ignore the URLs which are added to GET parameter with specified word (for example - GET parameter with name goto can contain any URL. So if there is starting line of request like this ...
GET /check/request?first=1&second=http://domain.tld/something&third=3 HTTP/1.1
... there must be match. In case we have other request's starting line like ...
GET /check/request?goto=http://domain.tld/something HTTP/1.1
... this one should be ignored.
Base regex which matches any line with URL is:
^(GET|POST).*\?.*\=http\:\/\/.* HTTP\/.*$
I was trying to modify it correctly, but my version only matches lines which contains word goto in URL itself, not as parameter:
^(GET|POST).*\?.*(?!.*goto)\=http\:\/\/.* HTTP\/.*$
Any help would be appreciated.
UPDATE
^(GET|POST).*\?.*(?<!goto)\=http\:\/\/.* HTTP\/.*$
Check here
You probably meant lookbehind to http://.* rather than lookahead to .*:
^(GET|POST).*\?.*(?<!goto)\=http\:\/\/
Please see an example on regex101.
In my django project, I have a url pattern like
(r'^survey/u2=([^/]+)/u3=([^/]+)/$',SurveyView.as_view()).
When I try to open the below url
http://www.sample.com/survey/u2=rc57S4/jyTJBz+==/u3=/U5pKfrV8X1MjUU2tI0AhqTF5PGR8g=/
[where u2 & u3 are encrypted value using internal keys. ]
I'm getting page not found error. This is due to, the sample url is not matching with the original url pattern at server end, as it has '/' backslash character in the url parameter.
Right now,I'm not in a position to edit the sample url by adding encode to the parameters, since this url has been mailed to customer. However if the customer opens the link I should not through error message.
How can I handle this special characters at server end while pattern match for url?.
Instead of passing as arguments in URL pass it as a GET request. seperated by ? and & characters.