Basically I have a script on a server that runs on a MQTT/CURL signal. Once either the MQTT or CURL gets called It starts/runs the script on the server and from there transfer the data to other machines. Why I want this to be run from Chrome (or any other browser) is because I would like to use a QR scanner to scan a QR code which holds the URL(mqtt or curl) and that this then gets run from the internal browser on the device. I know that there are apps and extensions for this, but I really need to get it as "thin client" as possible due to the large amount of devices that needs to be able to send the signal. Downloading an app for each device would defeat the purpose.
So my question really is if this is possible? Can Chrome send mqtt/curl from the url/address bar. I can't seem to find any information on this (maybe because it doesn't work? :D) HTTP post wont do unfortunately.
EDIT: If it doesn't work I have an idea to curl post from the console, but then my question is how would an url that opens console and inserts certain information look like? In other words I want an URL to include in my QR picture that opens Chrome (because it's a link) opens console and writes data like 101011101 (I can do the ENTER manually)
Kind regards,
First, no Chrome can not in a single externally triggered action send a MQTT message. *
Curl is just a command line HTTP client it can send any HTTP request possible by the spec, so without LOT more detail about what exactly you are using it for the next part of this answer has to be a bit of a guess.
If you scan a QR code containing a HTTP URL then this will most likely be passed to the built in browser on the device (or a WebView in the barcode scanner application). This URL will opened using a HTTP GET request (you can not change the HTTP verb, it will always be a GET).
You can encode variables into the URLs query string by appending them to the end of the URL e.g.
http://www.example.com?foo=bar
Would send a variable named foo with a value of bar and as long as you have room in the data you store in the QR code you can add as many of these as you want.
* Chrome could be passed a URL to a page that loads the Paho Javascript MQTT library that then sends a message via MQTT over Websockets if the broker supports it, but if you are going to do that you might as well have what ever HTTP server that you load the page from send the message.
Related
I am struggling to understand how our local gov website functions. Specifically the URL https://self.maidstone.gov.uk/service/check_your_bin_day
Beginning to enter a postcode (not mine) such as 'ME15 7HQ' and without submitting the form, a list of addresses is available.
Selecting an address and then selecting 'black bin and food', the website will return a result of 'Your collection date will be FRI 30/07/2021'. Again without submitting the form.
Running OWASP's ZAP, I can see that data is being submitted and returned as JSON. The data begins to be submitted as soon as the postcode is being entered.
I'm obviously an amateur but have never seen a site like this. The purposes of the request to Stackoverflow is that I would like (either via curl or a HTTP request) to be able to submit a postcode and address, and then receive the bin days as relevant.
Is this possible? If so any pointers please?
This website uses JavaScript and HTTP requests to dynamically load data.
For viewing those requests, open devtools > Networktab, and click on XHR button:
Afterwards, try to write postcode into the form. For me, it made request to runLookup url. When you click Preview tab, you can see the JSON you was mentioning. In this case, you can find the Street addresses (which are then added to next input on website) is on integration > transformed > rows_data.
The devtools have one amazing feature, that will convert the HTTP request to cURL command, you can do it by right-clicking on the request, Copy > Copy as cURL command:
By this way, you can make the whole process, although, from seeing the whole complexity of their API, I don't think it will be that easy, due you probably would need to preserve cookies, and generally follow some steps of requests to get the result (but this doesn't need to be true, it's just my observation).
Hello I'm doing a PWA and I use Google spreadsheet to store info and send emails.
When I use the app, in the console shows me the "XHR finished loading" message with an url with json data from my entire sheet.
What I want is that people don't have access to that URL or the JSON data, is this possible? or What should I do so that information is not visible in that way?
if your UI can access a URL, anyone could.
You can protect it though, deepening on your server side capability.
If your server side can authenticate the request to have proper credentials, then the protection can be implemented.
But you can't mask anything from UI to prevent users from seeing it. What goes to browser -> user have visibility. PWA wont change that fact.
There is a website and I want to access their backend api. I found a request which gives me json response, but when I change some parameters in the url, response is not changing, it's the same. I am not sure about the other parameters, but this one parameter that I want to use should change the response, but it's not.
Furthermore, when I monitor network tab in developer tools in chrome, and I send the request for the whole website, request that I want to use is listed and the response has the data I want, but when I copy that URL and send the request myself (isolated from the website) I am getting different response.
I've tried with two different locations over VPN and clearing chrome cache and it didn't work. Is there a way for this request to give the same response when caught while whole website is loading and when triggered manually?
I solved this problem by setting the appropriate request header. There was a request header that changed the api response.
I am trying to get started with REST API calls by seeing how to format the API calls using a browser. Most examples I have found online use SDKs or just return all fields for a request.
For example, I am trying to use the Soundcloud API to view track information.
To start, I've made a simple request in the browser as follows http://api.soundcloud.com/tracks/13158665.json?client_id=31a9f4a3314c219bd5c79393a8a569ec which returns a bunch of info about the track in JSON format
(e.g. {"kind":"track","id":13158665,"created_at":"2011/04/06 15:37:43 ...})
Is it possible to only to get returned the "created_at" value using the browser? I apologize if this question is basic, but I don't know what keywords to search online. Links to basic guides would be nice, although I would prefer to stay out of using a specific SDK for the time being.
In fact, it's really hard to answer such question since it depends on the Web APIs. I mean if the API supports to return only a subset of fields, you could but if not, you will receive all the content. From what I saw on the documentation, it's not possible. The filters only allow you to get a subset of elements and not control the list of returned fields within elements.
Notice that you have a great application to execute HTTP requests (and also REST) in Chrome: Postman. This allows to execute all HTTP methods and not only GET ones and controls the headers and sent content and also see what is received back.
If you use Firefox, Firebug provides a similar thing.
To finish, you could have a look at this link to find out hints about the way Web APIs work and are designed: https://templth.wordpress.com/2014/12/15/designing-a-web-api/.
Hope it helps you and I answered you question,
Thierry
Straight from the browser bar you can utilize REST endpoints that respond to a GET message. That is what you are doing when you hit that URI, you are sending an HTTP GET message to that server and it is sending back a JSON.
You are not always guaranteed a JSON, or anything when hitting a known REST endpoint. What each endpoint returns when hit with a GET is specific to how it was built. In that case, it is built to return a JSON, but some may return an HTML page. In my personal experience, most endpoints that utilize JSON returns expect you to process that object in a computer fashion and don't give you a lot of options to get a specific field of the JSON. Here is a good link on how to process JSON utilizing JavaScript.
You can utilize REST clients (such as the Advanced REST Client for Chrome) to craft HTTP POST and PUT if a specific REST endpoint has the functionality built in to receive data and do something with it. For example, a lot of wiki style REST endpoints will allow you to create a page with a specifically crafted HTTP POST with either specific header information, URI parameters or a JSON as part of it.
you can install DHC client app in your chrome and send request like put or get
I am writing end-to-end tests using Protractor for an Angular application. The application uses an API service to retrieve data from the back-end and this data is then used to populate pages in the Angular application.
I would like to utilize this API to get data to use in my jasmine tests, the tests will confirm that the back-end data is correctly and completely populated on applicable pages in the UI. I definitely DO NOT want to mock the server, I want to hit the actual server and work with the actual data from the JSON response.
My question is 2 sided; how to call the API service from my protractor tests and secondly, how to retrieve data from the JSON response from this API.
Any (detailed) information, examples you can provide as to how this can be done would be appreciated
Thanks in advance.
Protractor is used to test the ui of an application. What it does is click buttons and enter text in text boxes and wait for responses. For example if I have a login form and want to test the scenario when a user enters an email address wrong and an error message pops up. Protractor would navigate to the email field, enter an incorrect email address and then find the element that contains the error and verify the error showed up.
So as long as you have an environment setup that has a ui connected to an API service, the API service will be called as normal. Protractor will click buttons and if a button click triggers a call to the API service it will go straight to that service.
As for the JSON response access, this is probably not a good use for protractor. Protractor is used to click events and wait for responses. So if you are displaying that JSON response in some form or way protractor could verify it is displayed. For example, if you are displaying some data from the server in a table on a button click, you could have protractor click that button and verify the table has the correct values. But you would not want to verify the JSON object is as expected. That would be unit-tests on the API itself.
Hope this helps.
We have two options
Make a request by require(...) and using a request library.
This allows you to make direct HTTP Service calls, as discussed in this Stack Overflow post
Use some data from a .json file by require(...) it directly:
https://github.com/angular/protractor/issues/978#issuecomment-47250364