I'm trying to get an arduino to login in to a website that I have created.
On the website there is a basic form that has two fields one for password and one for username, it also has a submit button labelled login.
I used fiddler2 to sniff the http packets when I login in using chrome and am trying to use the information from that http post to recreate my own post to login.
Here is the portion of the code that I am using for the login:
if (client.connect(server, 80)) {
Serial.println("connected to server");
// Make a HTTP request:
client.println("POST/username=slwhore&passwd=1234qwer%21&op2=login&lang=english&force_session=1&return=B%3AaHR0cDovL3JlbW90bGV0LmNvbS8%3D&message=0&loginfrom=loginmodule&cbsecuritym3=cbm_56b7d5e7_00583e07_b0b6f81b4c86d117542f5cc7b7c3416e&Submit=Login HTTP/1.1");
client.println("Host:www.remotlet.com");
client.println("Content-Type: application/x-www-form-urlencoded");
client.println("Content-Length: 229");
client.println("Connection: close");
client.println();
I then have another piece of code that recieves the information coming back from the host which I know works. When I run this code I am able to connect to the server but I don't get any response form it at all. Any help would be greatly appreciated.
Your HTTP request is completely wrong, it will never ever be accepted by any kind of server web.
1st line: the HTTP 1st line is METHOD URI VERSION.
You didn't put a space between the method and the URI, also the POST data is not part of the URI as it is when using GET requests. I don't know what your server uses but usually sane logins don't use GET and don't pass the login inside the URI.
2nd line: you forgot a space
4th line: you set a content length but you don't send any content apparently.
General consideration: in HTTP the line terminator is \r\n, not just \n.
I suggest you do the request with the browser, intercept the traffic with wireshark and see how it's done.
Related
i am Learning Python and at the moment i am experimenting with the request Module.
What i did so far:
This is the API Documentation for the Endpoint i used:
https://trackapi.nutritionix.com/docs/#/default/post_v2_natural_exercise
And this is the associated Python Code:
EXERCISES_ENDPOINT = "https://trackapi.nutritionix.com/v2/natural/exercise"
header = {
"x-app-id": APP_ID,
"x-app-key": API_KEY
}
body = {
"query": "Ran 2 miles and walked for 3Km."
}
response = requests.post(url=EXERCISES_ENDPOINT, headers=header, json=body)
The corresponding http Request URL should be:
https://trackapi.nutritionix.com/v2/natural/exercise?Ran%202%20miles%20and%20walked%20%20for%203Km.
My Problem is as follows:
In Python the code ist working perfectly fine and my response is as expected
If i use Postman, this works fine too, because in both -Python and Postman - i can specify my Request as a POST Method
But if i use the URL in my MS Edge Browser (and Chrome too) i get an Error: Cannot GET /v2/natural/exercise
The Header information are ok, because i told the Browser them per "ModHeader" Extension.
But why is my Browser doing a GET and not a POST and how can i change this with the developemant tools from MS Edge Browser.
Important for my learning is to know why the Browser do a GET??
Is the Browser only able to do GET in generel and the other Methods (POST, PUT, DELETE) are not possible in this way. But that makes no sense for me :)
Thanks a lot in advance
But why is my Browser doing a GET and not a POST
Presumably because you are trying the address into the address bar of the browser.
That is designed to make a GET request because there is nothing in the UI designed to collect any of the data needed to make another request type.
The usual way to make a POST request would be to provide a user interface for it in the form of an HTML <form>.
I am sending some perameters to the third party application using rest api In one of the perameter I am sending A URL, This URL will use by third party application to send a json response after 5 or 10 min. My question is how may i create that URL for third party app that they will use to send the response.
If the 3rd party can send HTTP headers too you could send to them the current user's session id. If that user is API enabled (checkbox in profile/permission set) - you could write an Apex REST service that accepts POSTs. They'd call it with Authorization: Bearer <session id here> and it could work very nice. This trailhead might be a good start for you. (or can you contact their developers and maybe agree to make a dedicated user in SF for them so they'd log in under their own credentials and send it back?)
If they cannot send any special headers (it'd have to be unauthenticated connection to SF) - maybe you could make a Visualforce page, expose it as Site and then page's controller can do whatever you need. Maybe you already have something public facing (community?), maybe it'd be totally new... Check https://developer.salesforce.com/docs/atlas.en-us.206.0.salesforce_platform_portal_implementation_guide.meta/salesforce_platform_portal_implementation_guide/sites_overview.htm
If none of these work for you - does the url have to ping back to Salesforce. Maybe you have control over another server that can accept unauthenticated requests like that and have that one then call SF. Bit like a proxy. You could even set something up fairly easily on Heroku.
Last but not least. This would be extremely stupid but if all else fails - in a sandbox enable Web-to-Case or Web-to-Lead and experiment with these. At the end of the day they give you an url you can POST to and pass a form with data. I think it'd have to be Content-Type: application/x-www-form-urlencoded and if you mentioned JSON they're likely to send it as application/json so might not work. If it works - you could maybe save the payload in Description field of Cases (special record type maybe?) and do something with it. I'm seriously not a fan of this.
I am trying to develop a website that reads a JSON response from a certain endpoint and post it after certain processing to the page.
I am using $http.get(url) (AngularJS)
However I am facing problems getting the response.
I have tried to use other URLs and it worked then the cause of the problem probably is not the code.
The Error is: "No Access Control Allow Origin header is present on the requested resource".
Other responses suggested something related to CORS and privacy issues ; but when i type the URL directly in my browser it gives a JSON response directly. (So basically there is no privacy issues in the server side right?)
My question is what should I do ? Is there another way to get the content of the page pointed by the url (i am sure that it will only contains the JSON response)
Thanks in Advance
I came across this question:
1. If we substitute the URL in the address bar, it is similar to receiving data from the server of this site
In order to send requests to other servers need to use JSONP HTTPS for secure channel
Sending data can be carried out, but with the replies received will be a problem in the form JSON
Please send to the server if use PHP, then use CURL
JS->Our server->Server api->Our server->JS
I have the following AJAX function that I call to send post request to a web server running in Python, using Cherrypy, which runs behind Apache:
oAjax.open("POST", "/", true);
oAjax.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
oAjax.setRequestHeader("Content-length", parameters.length);
oAjax.send(parameters);
The parameters are being sent as follows:
"id=pagename&action=pageaction"
Every now and then, I get empty post data when a request is sent. This does not seem to be consistent.
Using WireShark, we get the following details for a bad request:
HTTP 543 POST /? HTTP/1.1 , NTLMSSP_NEGOTIATE
In these cases, we seem to have 0 content length, so our post data seems to have been removed.
It appears to be trying to re-authorize the session when not required, causing the post data to be lost.
Does anyone know why this would happen?
This does not occur in FireFox.
Using the information found on this website, I was able to solve the problem:
http://support.microsoft.com/kb/251404
I'm working on a C coded server that have to reply to browsers' requests. It have to give authentication when using url like this:
http://user:pass#website/
but I really don't know how or where get this information on my server, because what I got when I read the request is the same that I can read when I interact with the server simply using
http://website/
Second question is that sometime I have this favicon.ico request from browsers.. what can I reply to the browser to say "I have not this fu*** stupid icon"? :D
I'm of course using socket for this
Look for a request header named Authorization: containing the string Basic followed by the BASE64 encoded username and password. This method of authenticating is called HTTP Basic Authentication.
For the favicon, simply respond with a HTTP 404 response if you don't have one.