Cookie not setting in Chrome - google-chrome

I'm running an application on http://localhost:3000 and I am successfully receiving a response with the two cookies shown below on my network tab in Chrome.
However, these cookies are not being set. I'm wondering if maybe I have incorrectly set certain attributes on the cookies, and that's why they aren't being saved?
If I go to the Application tab and refresh and view my cookies
We can see that the above cookies are not there.
The request I'm making is just a simple asynchronous axios.post(http://localhost:5000, data).
How can I get these cookies to be stored correctly?

I needed to add withCredential: true like so:
axios.post(http://localhost:5000, data, {withCredentials: true})

Related

Simulate fake 404,500 Status Code to check frontend app behaviour

I want to simulate a fake 404 status code from the backend to see how my website will behave.
I don't want to mock fake response status in the code I would like to use some tools.
Cause sometimes I want to test it on the production which has version x and I don't want to waste time downloading this code and checking if there it is working.
Just simply mock response header status code for some test value like 404 for the fast check.
I tried to use software like Requestly - chrome extension.
And configured it like :
Modify response for header status put value 404 for google.com site.
But when I open google.com site I got status 200:
Do you know how can I change the status code of the given request?
Maybe by using different soft?
Status is not an HTTP response header. Status Code is an HTTP response code and Chrome does not allow to modify the response code of a request. There are two possible ways to solve this using Requestly
1-Step solution using Requestly Desktop App (Reliable & Guaranteed to work)
You can use any MITM proxy to intercept the request and simulate the status code. However, given my experience with Requestly, I'd explain how you can do it with Requestly Desktop App
Install Requestly Desktop App,
Go to Rules Tab and Click on New Rule
Select Modify Response
Define the exact URL (or Pattern) and define the status code. That's it.
Screenshot
Demo
https://www.youtube.com/watch?v=nLcIZGmMAtQ&ab_channel=Requestly
Using Requestly Browser Extension (2-Step Process, Should Work in most sites but there could be some CORS Issues)
Install Requestly
Use Requestly Mock Server and create a new mock which serves 400 or 404
Use Requestly to set up a Redirect Rule which redirects your original request to the URL of your mock request
Here are a couple of examples using the extension
Simulate 500 in Twitter Create Tweet API
Simulate 404 in BlinkIt Search API
Footer Notes
Desktop App-based solution is more reliable and guaranteed to work while Extension-based solution has technical limitations and there may be some CORS Issues depending upon your backend So prefer to use Solution 1.
PS - I built Requestly (& still building it with lots of heart)
In DevTools on the Network panel, right click a resource and select Block Request URL or Block Request Domain.
Does that help in your use case?
Try using ModResponse: https://chrome.google.com/webstore/detail/modresponse/bbjcdpjihbfmkgikdkplcalfebgcjjpm. You can add "Replay response" on the URL that you want to replay, visit that URL, then open up ModResponse again to edit the HTTP status code. You can also use it to edit the HTTP response body and header as well.

Chrome won't send domain level cookies to server in request header

This really annoying, partly because its internal to chrome and its more or less a guessing name. But my request header is not passing along the cookies for the same domain.
I have a cookie with a domain set to
.domain.net
My application is at the following URL
myapp.foo.bar.domain.net
I'm trying to send a request to another server on the same root domain at
otherapp.bar.domain.net
The cookie does not send in Chrome but does send in Safari.
According to the HTTP cookie spec, it should send because ".domain.net" is the master domain both both .bar.domain.net and .foo.bar.domain.net
Furthermore, I know the domain level cookie is working because when I make a GET request to myapp.foo.bar.domain.net or to myapp.bar.domain.net, the cookie is indeed passed in the header. It seems to fail in the case when I'm making a request to either domain when the origin is the other.
Does anyone know if this is a known bug in Chrome, I'm running version 59.
Turns out I was not adding
xhrFields: {
withCredentials: true
},
In the ajax request. This was a little confusing because this was all working before I changed the domain and whats more confusing is that this works with Safari without needing to set that withCredentials header. The take away here is that Chrome will not send cookies if the hostname differs, even when a root domain cookie is set, unless the withCredentials header param is passed, however Safari will send no matter what. I don't know about Firefox.

Redirect to proxy using Webextensions API

How does one take an HTTP request and redirect it to proxy (on an ad-hoc basis, assuming browser is on no-proxy)?
For example: I want to access http://www.stackoverflow.com/questions.
In terms of the API, this request would look like this:
Method: Get
Url: http://www.stackoverflow.com/questions
Headers
Host: www.stackoverflow.com
More-Headers: More-Values
If I have to send the same request to proxy, I need to add a proxy authorization header. I also need to change the URL to http://www.myproxy.com. How do I specify the URL of the website that I want to visit?
In terms of actual coding:
In onBeforeRequest callBack- I change the URL by returning {redirectUrl: https://www.myproxy.com}
In onBeforeSendHeaders callBack- I add the proxy auth header. I leave the Host header as is.
Where and how do I mention the URL of the target website I need content from?
The webRequest API won't let you do what you're asking, you need the browser to handle the proxying. The proxy API is meant to provide a way to do this, it is implemented in Chrome and is currently (August 2016) being implemented in Firefox (tracking bug is https://bugzilla.mozilla.org/show_bug.cgi?id=1283639).

Accessing redirected-to URL when making an HTTP request

When making an HTTP request (using URLLoader, for example) that results in a redirect, is it possible to access any of the URLs in the redirect chain?
For example, let's say that the following happens:
We make a request to example.com/a.gif
example.com redirects to example2.com/b.gif
example2.com redirects to example3.com/c.gif
I've stared at the documentation for URLLoader and its various events for a while, and it doesn't seem like there's a way to either:
Instruct URLLoader to not follow redirects
Access any of the URLs involved after the initial request
Does anyone know if there's a way to do this? I'm not attached to using URLLoader, so if there's another class that supports this functionality, I'd be fine with using it.
Can anyone point me in the right direction? Thanks in advance!
Edit - I should clarify: I know how to detect the redirects outside of AS3 using a DOM debugger. I'm specifically interested in accessing the redirect chain within AS3. It would appear that it's possible using the AIR player via the HttpStatusEvent, but the relevant properties aren't available when using Flash Player.
Edit 2 - I've also tried using an HTTP client lib (as3httpclientlib, to be specific). This works except for the fact that it loads cross-domain policies from port 843 rather than by making an HTTP request to /crossdomain.xml. The context I'm working in requires the latter, so using something with Socket underlying it won't work unless there's a way to force Socket to load cross-domain policies from HTTP instead of port 843.
The redirects are generally in place because the original URL shouldn't be used anymore. The file doesn't exist at example.com/a.gif so in theory you don't need to know about it. Why do you need the intermediate request path?
I'm not aware of an actionscript way of finding the redirect chain for any request, but if you want to do it for a specific chain you can use HttpFox for Firefox, or hit f12 in google chrome and look at the network tab when making a request to the URL that redirects. This will only work if the client is redirected by the server to the new address (a HTTP 302 responce or similar.) If the server chooses to return the contents of example3.com/c.gif when someone's browser asks for example.com/a.gif there is nothing you can do.

how to reverse engineer an http API call using REST console

I'm trying to replicate a request I make on a website (ie zoominfo.com) using the same http POST parameters using chrome rest console, but it fails for some reason. I'm not sure if there is a missing field or it's not working because the origin of the request isn't valid.. can someone point me out in the right direction? Below is a detailed explanation of the experiment:
ORIGINAL CASE
basically if I go to zoominfo.com (registered and all) I see a form page that I need to fill:
if I hit enter.. the site makes an ajax call. If I open the chrome web dev tools, and open the network tab, I see the details of the ajax call:
notice the body of the POST has the name John Becker in it:
{"boardMember":{"value":"Include","isUsed":true},"workHistory":{"value":"CurrentAndPast","isUsed":true},"includePartialProfiles":{"value":true,"isUsed":true},"personName":{"value":"john%20becker","isUsed":true},"lastUpdated":{"value":0,"isUsed":true}}
the response is shown under the respones tag:
WHAT I'M TRYING TO DO
basically replicate what i've done above using a REST console (note: so there is nothing illegal here.. i'm just replacing a chrome browser action with a rest client action.. i'm not hacking anyone and i'm not getting information I can't get the normal way, but if someone feels otherwise.. please let me know)..
so I plug in the same parameters as above into the rest console:
now i'm not sure about authentication.. but just to be safe, i entered the same user name and pwd i have for the site into the REST console:
but then I keep on getting an error as a response to my rest console's request:
UPDATE: CORRECT ANSWER:
so according to JMTyler's answer.. I had to simply include criteria in the RAW body, and convert it to url encoding.. in addition to that, I had to explicitly set the encoding in the rest console body..
looking at the chrome inspector more closely, it turns out that I simply had to click on view source:
to get the url-encoded value that I needed to put in the RAW body in the rest console:
I also had to set encoding to gzip,deflate,sdch and things worked fine!
The form is posting all that JSON under the field criteria. You can see this in the screencap of the chrome dev console you posted.
Just start your raw body in rest console with criteria= and make sure the json has been url-encoded. That should do it.
No authentication is needed because none is passed through the headers in your screencap. Any cookies you have when you load the page normally will also be loaded through rest console, so you don't need to worry about explicitly setting them.
Reading your problems I'll make an educated guess:
zoominfo does not provide an RESTful API.
Rest-Console understands and uses HTTP Authentication, which is different from the authentication handler zoominfo implemented.
A possible way to work around may be:
Make a call to the login-page via rest console. you'll get back cookies and a lot more.
In subsequent requests to zoominfo be sure to include those cookies (likely holding some session information) in your request, therefore acting like a browser.