I am trying to access a rest service that I am hosting on an amazon AWS server from a firefox WebExtension.
I have registered a background script in the manifest.json which then tries to access the service.
"background": {
"scripts": ["OwnerLangBackground.js"]
},
"permissions": [
"*://ec2-35-158-91-62.eu-central-1.compute.amazonaws.com:9000/*"
]
However, the XMLHttpRequest just returns an error but I don't see what goes wrong. While researching this issue, I stumbled across the following page:
https://mathiasbynens.be/notes/xhr-responsetype-json
Replacing my own code with a (slightly modifed) copy of the code from the above link I now have:
// OwnerLangBackground.js
console.log("OwnerLangBackground.js loaded");
var getJSON = function(url, successHandler, errorHandler) {
var xhr = new XMLHttpRequest();
xhr.open('get', url, true);
xhr.onreadystatechange = function() {
var status;
var data;
// https://xhr.spec.whatwg.org/#dom-xmlhttprequest-readystate
if (xhr.readyState == 4) { // `DONE`
status = xhr.status;
if (status == 200) {
data = JSON.parse(xhr.responseText);
successHandler && successHandler(data);
} else {
errorHandler && errorHandler(status, xhr.responseText);
}
}
};
xhr.send();
};
/* BLOCK 1: removing the comments for this block works
getJSON('https://mathiasbynens.be/demo/ip', function(data) {
console.log('Your public IP address is: ' + data.ip);
console.log('Your response is: ', data);
}, function(status) {
console.warn('Something went wrong.', status);
});
*/
/* BLOCK 2: removing the comments for this block, does not work
getJSON('http://ec2-35-158-91-62.eu-central-1.compute.amazonaws.com:9000/get-languages', function(data) {
console.log('Your response is: ', data);
}, function(status) {
console.warn('Something went wrong.', status);
});
*/
Strangely enough, activating BLOCK 1 works as expected (ip address obscured on purpose).
OwnerLangBackground.js loaded
Your public IP address is: xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xx
Your response is: Object { ip: "xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:…" }
Activating BLOCK 2 results in the error response.
OwnerLangBackground.js loaded
Something went wrong. 0
However, if I call the two URLs using curl directly, they both return valid JSON:
> curl https://mathiasbynens.be/demo/ip
{"ip":"xxxx:xxxx:xxxx::xxx"}
> curl http://ec2-35-158-91-62.eu-central-1.compute.amazonaws.com:9000/get-languages
[{"language":"??"},{"language":"de"},{"language":"en"},{"language":"fr"},{"language":"it"}]
I have added debugging output to my rest service on the AWS server and I see that it gets called. I also traced the WebExtension call to the rest service using Wireshark on my local machine on which the WebExtension is running and I can see the JSON string being returned, so I am guessing that the error occurs somewhere within firefox/the webextension, but I am at a total loss.
Things I have considered:
Permissions in the manifest: as far as I can tell the URL pattern for my aws-url is correctly added. However, the call to mathiasbynens.be works even though I have not added the url to the permissions
the call that works uses https while the call that does not work uses http. Could this be the reason?
Can anyone point me in the right direction to get more feedback on what goes wrong? I've tried adding a onerror callback to the xhr request. It is called but as far as I can see doesn't provide more information.
UPDATE:
I've come up with two more ideas. Using curl -v provided me with the headers:
> curl -v http://ec2-35-158-91-62.eu-central-1.compute.amazonaws.com:9000/get-languages
* Hostname was NOT found in DNS cache
* Trying 35.158.91.62...
* Connected to ec2-35-158-91-62.eu-central-1.compute.amazonaws.com (35.158.91.62) port 9000 (#0)
> GET /get-languages HTTP/1.1
> User-Agent: curl/7.38.0
> Host: ec2-35-158-91-62.eu-central-1.compute.amazonaws.com:9000
> Accept: */*
>
< HTTP/1.1 200
< Content-Type: application/json;charset=UTF-8
< Transfer-Encoding: chunked
< Date: Sun, 23 Apr 2017 06:43:42 GMT
<
* Connection #0 to host ec2-35-158-91-62.eu-central-1.compute.amazonaws.com left intact
[{"language":"??"},{"language":"de"},{"language":"en"},{"language":"fr"},{"language":"it"}]
> curl -v https://mathiasbynens.be/demo/ip
* Hostname was NOT found in DNS cache
* Trying 2a01:1b0:7999:402::144...
* Connected to mathiasbynens.be (2a01:1b0:7999:402::144) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* Server certificate:
* subject: OU=Domain Control Validated; OU=PositiveSSL Wildcard; CN=*.mathiasbynens.be
* start date: 2015-07-28 00:00:00 GMT
* expire date: 2018-08-12 23:59:59 GMT
* subjectAltName: mathiasbynens.be matched
* issuer: C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN=COMODO RSA Domain Validation Secure Server CA
* SSL certificate verify ok.
> GET /demo/ip HTTP/1.1
> User-Agent: curl/7.38.0
> Host: mathiasbynens.be
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Sun, 23 Apr 2017 06:44:16 GMT
* Server Apache is not blacklisted
< Server: Apache
< Access-Control-Allow-Origin: *
< Strict-Transport-Security: max-age=15768000; includeSubDomains
< Vary: Accept-Encoding
< Cache-Control: max-age=0
< Expires: Sun, 23 Apr 2017 06:44:16 GMT
< X-UA-Compatible: IE=edge
< X-Content-Type-Options: nosniff
< X-Frame-Options: DENY
< X-XSS-Protection: 1; mode=block
< Transfer-Encoding: chunked
< Content-Type: application/json;charset=UTF-8
<
* Connection #0 to host mathiasbynens.be left intact
{"ip":"xxxx:xxxx:xxxx::xxx"}
The one difference that stuck out was that my rest service's response lacks the Transfer-Encoding and Access-Control-Allow-Origin? headers, so I'll look into adding those.
Still, if anyone has a hint on how to get more error information for what goes wrong with XmlHttpRequest I'd be glad to hear it.
Ok, it seems the missing Access-Control-Allow-Origin? header was the root of my problems.
I have now changed all methods in my Spring-RestControllers by adding another method parameter HttpServletResponse response and then calling setHeader() on that parameter.
#RequestMapping("/get-languages")
public #ResponseBody List<Language> getLanguages(HttpServletResponse response) {
response.setHeader("Content-Type", "application/json;charset=UTF-8");
response.setHeader("Access-Control-Allow-Origin", "*");
return languageRepository.findAll();
}
Now my WebExtension can use this rest service sucessfully using XmlHttpRequest.
It would have been helpful if this information (that the CORS header was missing) had been visible somewhere in firefox's debugging or js console, so if anyone can tell me how I could have seen this, I'd still appreciate a hint.
Related
Using DA for Revit on Autodesk Forge. I have my code created and tested locally and am trying to deploy it to a testing application but hit a bit of a snag and not sure where I'm going wrong. I have created the Forge App, created and uploaded the bundle, created an alias for the bundle, but now am trying to create an activity and it's returning a bad request but not sure why.
I'm using Insomnia for my testing so here is the timeline readout for my request (with tokens, etc. removed):
* Preparing request to https://developer.api.autodesk.com/da/us-east/v3/activities
* Using libcurl/7.57.0-DEV OpenSSL/1.0.2o zlib/1.2.11 libssh2/1.7.0_DEV
* Current time is 2020-05-05T18:30:00.962Z
* Disable timeout
* Enable automatic URL encoding
* Enable SSL validation
* Enable cookie sending with jar of 3 cookies
* Connection 31 seems to be dead!
* Closing connection 31
* Trying 52.21.0.245...
* TCP_NODELAY set
* Connected to developer.api.autodesk.com (52.21.0.245) port 443 (#32)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:#STRENGTH
* successfully set certificate verify locations:
* CAfile: **removed**
* CApath: none
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: businessCategory=Private Organization; jurisdictionC=US; jurisdictionST=Delaware; serialNumber=2401504; C=US; ST=California; L=San Rafael; O=Autodesk, Inc.; OU=MCP-ASRD-CP; CN=developer.api.autodesk.com
* start date: Feb 24 00:00:00 2020 GMT
* expire date: Mar 22 12:00:00 2021 GMT
* subjectAltName: host "developer.api.autodesk.com" matched cert's "developer.api.autodesk.com"
* issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert SHA2 Extended Validation Server CA
* SSL certificate verify ok.
> POST /da/us-east/v3/activities HTTP/1.1
> Host: developer.api.autodesk.com
> User-Agent: insomnia/7.1.1
> Cookie: PF=**removed**
> Content-Type: application/json
> Authorization: Bearer **removed**
> Accept: */*
> Content-Length: 592
| {
| "id":"RunChecks",
| "commandLine":["$(engine.path)\\\\revitcoreconsole.exe /i $(args[rvtFile].path) /al $(appbundles[ModelChecker].path)"],
| "paremeters": {
| "rvtFile": {
| "zip": false,
| "ondemand": false,
| "verb": "get",
| "description": "Input Revit Model",
| "required":true,
| "localName": "$(rvtFile)"
| },
| "result": {
| "zip": false,
| "ondemand": false,
| "verb": "put",
| "description": "Results",
| "required":true,
| "localName": "Report.xml"
| }
| },
| "engine": "Autodesk.Revit+2021",
| "appbundles": ["BIT.ModelChecker+dev"],
| "description":"Runs model checks"
| }
* upload completely sent off: 592 out of 592 bytes
< HTTP/1.1 400 Bad Request
< Content-Type: application/json; charset=utf-8
< Date: Tue, 05 May 2020 18:30:01 GMT
< Strict-Transport-Security: max-age=31536000; includeSubDomains
< Via: 1.1 824fe21e467658628899bdd8725649ee.cloudfront.net (CloudFront)
< x-amz-apigw-id: MEiKjFSroAMF20A=
< X-Amz-Cf-Id: mwq0J1Q567VwiT7nGfKuSPdrctm5Cv-AxbVpV6KhA6ZbZiTM-mAkCw==
< X-Amz-Cf-Pop: IAD89-C1
< x-amzn-Remapped-Content-Length: 90
< x-amzn-RequestId: 761a452d-2bde-4e8f-987c-fb9d4f25ce7b
< X-Amzn-Trace-Id: Root=1-5eb1b0a9-b01c07c62357bb2604081bf6
< X-Cache: Error from cloudfront
< Content-Length: 90
< Connection: keep-alive
* Received 90 B chunk
* Connection #32 to host developer.api.autodesk.com left intact
The response is a 400 with the following body:
{
"commandLine": [
"Value cannot be null. (Parameter 'source')\n (Parameter 'commandLine')"
]
}
I pulled this from the example here and just modified to use my own aliases, etc.
I see that it says source and commandLine can not be null but source isn't mentioned anywhere in the documentation that I can find and isn't in the example so I'm not sure what it is and commandLine is set just like the example...
Where am I going wrong?
You have a typo in the activity definition.
The field parameters is misspelt as paremeters.
(We can improve our error reporting)
Environment:
CouchDB 2.2.0 running on VirtualBox, running up-to-date Debian image. Network type is bridged, all ports are open, no https.
Vue3.js app (not using any Vue functionality to access the DB)
Remote access JS package:
axios
fetch
Browser: Chrome latest
Relevant CouchDB local.ini settings
[couch_peruser]
enable = false
delete_dbs = false
[chttpd]
port = 5984
require_valid_user = false
proxy_use_secret = false
bind_address = 0.0.0.0
authentication_handlers = {chttpd_auth, cookie_authentication_handler}, {chttpd_auth, default_authentication_handler}
[httpd]
bind_address = 127.0.0.1
enable_cors = true
(default authentication handlers set in default.ini)
authentication_handlers = {couch_httpd_auth, cookie_authentication_handler}, {couch_httpd_auth, default_authentication_handler}
[couch_httpd_auth]
secret = (hash num)
require_valid_user = false
allow_persistent_cookies = true
[cors]
origins = *
headers = accept, authorization, content-type, X-Auth-CouchDB-UserName, origin, referer
credentials = true
methods = GET, PUT, POST, HEAD, DELETE
What Happens
If I do the query via curl, I get a cookie in the response.
Here's the curl call:
curl -v http://couchman.lcldev:5984/_session \
-H "Content-Type:application/json" \
-H "X-Auth-CouchDB-UserName:<uname>" \
-d '{"name":"<uname>","password":"<passwd>"}'
And here's the response:
< HTTP/1.1 200 OK
< Cache-Control: must-revalidate
< Content-Length: 47
< Content-Type: application/json
< Date: Wed, 10 Oct 2018 21:16:10 GMT
< Server: CouchDB/2.2.0 (Erlang OTP/19)
< Set-Cookie: (cookie info)
<
{"ok":true,"name":"<name>","roles":["<roles>"]}
Yay. I get a cookie.
But if I call it from within my app (with either fetch or axios), I only get these headers:
Response headers:
cache-control,must-revalidate
content-type,application/json
server,CouchDB/2.2.0 (Erlang OTP/19)
No Set-Cookie header.
So, what's up? What am I missing?
Answered in first comment - see thread for more info.
I'm creating a simple bash script to run a cURL POST command.
The script, even though it is the same command does not send the POST data as json.
When I enter the command by hand it sends the POST data as JSON with no problem.
$ curl --include --header 'Accept:application/json' --header 'Authorization:Basic xxxxxxxxxxxxxxxxx' --data '{"sourceTemplateId":111111111111111}' --header 'Content-Type:application/json' https://api.everbridge.net/rest/notifications/000000000000000
HTTP/1.1 200 OK
Server: nginx/1.8.0
Date: Wed, 18 May 2016 18:13:15 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
{
"message" : "OK",
"id" : 5748251085623370,
"baseUri" : "https://api.everbridge.net/rest/notifications/000000000000000/",
"instanceUri" : "https://api.everbridge.net/rest/notifications/000000000000000/5748251085623370"
}
When I run an echo for my bash script, I get this.
$ ./Send_Not.sh
curl --include --header 'Accept:application/json' --header 'Authorization:Basic xxxxxxxxxxxxxxxxx' --data '{"sourceTemplateId":111111111111111}' --header 'Content-Type:application/json' https://api.everbridge.net/rest/notifications/000000000000000
Literally the same format
But when I run the script, I get this error.
$ ./Send_Not.sh
HTTP/1.1 415 Unsupported Media Type
Server: nginx/1.8.0
Date: Wed, 18 May 2016 18:28:50 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
{
"status" : 415,
"message" : "Content type 'application/x-www-form-urlencoded' not supported"
Here is my script, it's super simple.
#!/bin/bash
ajson=\'Accept:application/json\'
credentials=\'Authorization:Basic\ xxxxxxxxxxxxxxxxx\'
data=\'{\"sourceTemplateId\":111111111111111}\'
CT=\'Content-Type:application/json\'
url="https://api.everbridge.net/rest/notifications/000000000000000"
curl --include --header "$ajson" --header "$credentials" --data "$data" --header "$CT" "$url"
Reran the command with -X POST and -v
$ ./Send_Not.sh
Note: Unnecessary use of -X or --request, POST is already inferred.
* STATE: INIT => CONNECT handle 0x600057830; line 1108 (connection #-5000)
* Added connection 0. The cache now contains 1 members
* Trying 54.193.84.167...
* STATE: CONNECT => WAITCONNECT handle 0x600057830; line 1161 (connection #0)
* Connected to api.everbridge.net (54.193.84.167) port 443 (#0)
* STATE: WAITCONNECT => SENDPROTOCONNECT handle 0x600057830; line 1260 (connection #0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:#STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* STATE: SENDPROTOCONNECT => PROTOCONNECT handle 0x600057830; line 1274 (connection #0)
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-SHA
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: C=US; ST=California; L=Glendale; O=Everbridge; OU=SaaS Operations; CN=*.everbridge.net
* start date: Sep 18 00:00:00 2015 GMT
* expire date: Sep 17 23:59:59 2018 GMT
* subjectAltName: host "api.everbridge.net" matched cert's "*.everbridge.net"
* issuer: C=US; O=GeoTrust Inc.; CN=GeoTrust SSL CA - G3
* SSL certificate verify ok.
* STATE: PROTOCONNECT => DO handle 0x600057830; line 1295 (connection #0)
> POST /rest/notifications/000000000000000 HTTP/1.1
> Host: api.everbridge.net
> User-Agent: curl/7.48.0
> Accept: */*
> 'Accept:application/json'
> 'Authorization:Basic xxxxxxxxxxxxxxxxx'
> 'Content-Type:application/json'
> Content-Length: 39
> Content-Type: application/x-www-form-urlencoded
>
* upload completely sent off: 39 out of 39 bytes
* STATE: DO => DO_DONE handle 0x600057830; line 1357 (connection #0)
* STATE: DO_DONE => WAITPERFORM handle 0x600057830; line 1484 (connection #0)
* STATE: WAITPERFORM => PERFORM handle 0x600057830; line 1494 (connection #0)
* HTTP 1.1 or later with persistent connection, pipelining supported
< HTTP/1.1 415 Unsupported Media Type
HTTP/1.1 415 Unsupported Media Type
* Server nginx/1.8.0 is not blacklisted
< Server: nginx/1.8.0
Server: nginx/1.8.0
< Date: Wed, 18 May 2016 21:08:12 GMT
Date: Wed, 18 May 2016 21:08:12 GMT
< Content-Type: application/json;charset=UTF-8
Content-Type: application/json;charset=UTF-8
< Transfer-Encoding: chunked
Transfer-Encoding: chunked
< Connection: keep-alive
Connection: keep-alive
<
{
"status" : 415,
"message" : "Content type 'application/x-www-form-urlencoded' not supported"
* STATE: PERFORM => DONE handle 0x600057830; line 1652 (connection #0)
* Curl_done
* Connection #0 to host api.everbridge.net left intact
}
Echo with new script suggested by Mircea
$ ./Send_Not.sh
curl -vvv --include --header 'Accept:application/json' --header 'Authorization:Basic xxxxxxxxxxxxxxxxx' -X POST --data '{"sourceTemplateId":111111111111111}' --header Content-Type:application/json https://api.everbridge.net/rest/notifications/000000000000000
Reply when I execute new script
$ ./Send_Not.sh
Note: Unnecessary use of -X or --request, POST is already inferred.
* STATE: INIT => CONNECT handle 0x600057830; line 1108 (connection #-5000)
* Added connection 0. The cache now contains 1 members
* Trying 54.193.84.167...
* STATE: CONNECT => WAITCONNECT handle 0x600057830; line 1161 (connection #0)
* Connected to api.everbridge.net (54.193.84.167) port 443 (#0)
* STATE: WAITCONNECT => SENDPROTOCONNECT handle 0x600057830; line 1260 (connection #0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:#STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* STATE: SENDPROTOCONNECT => PROTOCONNECT handle 0x600057830; line 1274 (connection #0)
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-SHA
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: C=US; ST=California; L=Glendale; O=Everbridge; OU=SaaS Operations; CN=*.everbridge.net
* start date: Sep 18 00:00:00 2015 GMT
* expire date: Sep 17 23:59:59 2018 GMT
* subjectAltName: host "api.everbridge.net" matched cert's "*.everbridge.net"
* issuer: C=US; O=GeoTrust Inc.; CN=GeoTrust SSL CA - G3
* SSL certificate verify ok.
* STATE: PROTOCONNECT => DO handle 0x600057830; line 1295 (connection #0)
> POST /rest/notifications/000000000000000 HTTP/1.1
> Host: api.everbridge.net
> User-Agent: curl/7.48.0
> Accept: */*
> 'Accept:application/json'
> 'Authorization:Basic xxxxxxxxxxxxxxxxx'
> Content-Type:application/json
> Content-Length: 39
>
* upload completely sent off: 39 out of 39 bytes
* STATE: DO => DO_DONE handle 0x600057830; line 1357 (connection #0)
* STATE: DO_DONE => WAITPERFORM handle 0x600057830; line 1484 (connection #0)
* STATE: WAITPERFORM => PERFORM handle 0x600057830; line 1494 (connection #0)
* HTTP 1.1 or later with persistent connection, pipelining supported
< HTTP/1.1 400 Bad Request
HTTP/1.1 400 Bad Request
* Server nginx/1.8.0 is not blacklisted
< Server: nginx/1.8.0
Server: nginx/1.8.0
< Date: Wed, 18 May 2016 21:41:01 GMT
Date: Wed, 18 May 2016 21:41:01 GMT
< Content-Type: application/json;charset=UTF-8
Content-Type: application/json;charset=UTF-8
< Transfer-Encoding: chunked
Transfer-Encoding: chunked
< Connection: keep-alive
Connection: keep-alive
<
{
"status" : 400,
"message" : "Error Unexpected character (''' (code 39)): expected a valid value (number, String, array, object, 'true', 'false' or 'null')\n at [Source: org.apache.tools.ant.filters.StringInputStream#5d5906fc; line: 1, column: 2] parsing input:\n'{\"sourceTemplateId\":111111111111111}'"
* STATE: PERFORM => DONE handle 0x600057830; line 1652 (connection #0)
* Curl_done
* Connection #0 to host api.everbridge.net left intact
}
I also escaped the double quotes for Conten-Type, and I got the original error
#!/bin/bash
ajson="Accept:application/json"
credentials="Authorization:Basic xxxx_replace_xxxx"
data='{"sourceTemplateId":111111111111111}'
CT=\"Content-Type:application/json\"
url="https://api.everbridge.net/rest/notifications/000000000000000"
curl -vvv --include --header "$ajson" --header "$credentials" --data "$data" --header "$CT" "$url"
Original error when executed
$ ./Send_Not.sh
Note: Unnecessary use of -X or --request, POST is already inferred.
* STATE: INIT => CONNECT handle 0x600057830; line 1108 (connection #-5000)
* Added connection 0. The cache now contains 1 members
* Trying 54.193.84.167...
* STATE: CONNECT => WAITCONNECT handle 0x600057830; line 1161 (connection #0)
* Connected to api.everbridge.net (54.193.84.167) port 443 (#0)
* STATE: WAITCONNECT => SENDPROTOCONNECT handle 0x600057830; line 1260 (connection #0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:#STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* STATE: SENDPROTOCONNECT => PROTOCONNECT handle 0x600057830; line 1274 (connection #0)
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-SHA
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: C=US; ST=California; L=Glendale; O=Everbridge; OU=SaaS Operations; CN=*.everbridge.net
* start date: Sep 18 00:00:00 2015 GMT
* expire date: Sep 17 23:59:59 2018 GMT
* subjectAltName: host "api.everbridge.net" matched cert's "*.everbridge.net"
* issuer: C=US; O=GeoTrust Inc.; CN=GeoTrust SSL CA - G3
* SSL certificate verify ok.
* STATE: PROTOCONNECT => DO handle 0x600057830; line 1295 (connection #0)
> POST /rest/notifications/000000000000000 HTTP/1.1
> Host: api.everbridge.net
> User-Agent: curl/7.48.0
> Accept: */*
> 'Accept:application/json'
> 'Authorization:Basic xxxxxxxxxxxxxxxxxx'
> "Content-Type:application/json"
> Content-Length: 39
> Content-Type: application/x-www-form-urlencoded
>
* upload completely sent off: 39 out of 39 bytes
* STATE: DO => DO_DONE handle 0x600057830; line 1357 (connection #0)
* STATE: DO_DONE => WAITPERFORM handle 0x600057830; line 1484 (connection #0)
* STATE: WAITPERFORM => PERFORM handle 0x600057830; line 1494 (connection #0)
* HTTP 1.1 or later with persistent connection, pipelining supported
< HTTP/1.1 415 Unsupported Media Type
HTTP/1.1 415 Unsupported Media Type
* Server nginx/1.8.0 is not blacklisted
< Server: nginx/1.8.0
Server: nginx/1.8.0
< Date: Wed, 18 May 2016 21:48:54 GMT
Date: Wed, 18 May 2016 21:48:54 GMT
< Content-Type: application/json;charset=UTF-8
Content-Type: application/json;charset=UTF-8
< Transfer-Encoding: chunked
Transfer-Encoding: chunked
< Connection: keep-alive
Connection: keep-alive
<
{
"status" : 415,
"message" : "Content type 'application/x-www-form-urlencoded' not supported"
* STATE: PERFORM => DONE handle 0x600057830; line 1652 (connection #0)
* Curl_done
* Connection #0 to host api.everbridge.net left intact
}
As stated in the comments this is an issue on how you are escaping things.
Here is a form of the script that works:
#!/bin/bash
ajson="Accept:application/json"
credentials="Authorization:Basic xxxx_replace_xxxx"
data='{"sourceTemplateId":111111111111111}'
CT="Content-Type:application/json"
url="https://api.everbridge.net/rest/notifications/000000000000000"
curl -vvv --include --header "$ajson" --header "$credentials" --data "$data" --header "$CT" "$url"
The following curl command:
curl -v -F 'json={"method":"update_video","params":{"video":{"id":"582984001","itemState":"INACTIVE"},"token":"jCoXH5OAMYQtXm1sg62KAF3ysG90YLagEECDAdlhg.."}}' https://api.somewebservice.com/services/post
Produces this output:
{"method":"update_video","params":{"video":{"id":"55269001","itemState":"INACTIVE"},"token":"jCoXH1sg62KAF3ysG90YLagEECTP16uOUSg_fDAdlhg.."}}' https://api.somewebservice.com/services/post
* Trying 64.74.101.65...
* Connected to api.somewebservice.com (64.74.101.65) port 443 (#0)
* TLSv1.0, TLS handshake, Client hello (1):
* TLSv1.0, TLS handshake, Server hello (2):
* TLSv1.0, TLS handshake, CERT (11):
* TLSv1.0, TLS handshake, Server key exchange (12):
* TLSv1.0, TLS handshake, Server finished (14):
* TLSv1.0, TLS handshake, Client key exchange (16):
* TLSv1.0, TLS change cipher, Client hello (1):
* TLSv1.0, TLS handshake, Finished (20):
* TLSv1.0, TLS change cipher, Client hello (1):
* TLSv1.0, TLS handshake, Finished (20):
* SSL connection using TLSv1.0 / DHE-RSA-AES256-SHA
* Server certificate:
* subject: OU=Domain Control Validated; OU=Issued through Somewebservice Inc. E-PKI Manager; OU=COMODO SSL; CN=api.brightcove.com
* start date: 2015-09-02 00:00:00 GMT
* expire date: 2016-10-09 23:59:59 GMT
* subjectAltName: api.somewebservice.com matched
* issuer: C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN=COMODO RSA Domain Validation Secure Server CA
* SSL certificate verify ok.
> POST /services/post HTTP/1.1
> User-Agent: curl/7.41.0
> Host: api.somewebservice.com
> Accept: */*
> Content-Length: 294
> Expect: 100-continue
> Content-Type: multipart/form-data; boundary=------------------------5106835c8f9f70f9
>
< HTTP/1.1 100 Continue
< HTTP/1.1 200 OK
< Content-Type: application/json;charset=UTF-8
< Content-Length: 943
< Date: Sun, 10 Apr 2016 22:29:23 GMT
< Server: somewebservice
<
* Connection #0 to host api.somewebservice.com left intact
{"result": {"id":55225001,"name":"Taxpayers pay to cover tattoos","adKeys":null,"shortDescription":"Opening statements are set to begin in the trial.","longDescription":null,"creationDate":"1260220396","publishedDate":"12603101609","lastModifiedDate":"1460352526","linkURL":null,"linkText":null,"tags":["Crime","national","wtsp","neo-nazi","court","taxpayers","News","David","john"],"videoStillURL":"http:\/\/bcdownload.net\/wtsp\/35134001\/3508134001_55110080001_59001.jpg?pubId=35134001","thumbnailURL":"http:\/\/bcdownload.edgesuite.net\/wtsp\/87134001\/350134001_55110081001_th-55100159001.jpg?pubId=35084001","referenceId":"7cf007503e2ee37a","length":112106,"economics":"AD_SUPPORTED","playsTotal":248,"playsTrailingWeek":0}, "error": null, "id": null}
There are two 'Content-Type' objects in the above output:
> Content-Type: multipart/form-data;
and
< Content-Type: application/json;charset=UTF-8
According to the docs, using -F allows curl to send data as a multi-part form, but then the json= is something I can't find in the docs. I'm assuming it's converting the dictionary/string:
{"method":"update_video","params":{"video":{"id":"582984001","itemState":"INACTIVE"},"token":"jCoXH5OAMYQtXm1sg62KAF3ysG90YLagEECDAdlhg.."}}
to JSON? Or more precisely, it's adding the 'Content-Type': 'application/json' header to the POST request? So is this essentially a POST request with two distinct headers?
The first Content-Type header is part of the client's request header and the second one is part of the server's response header. The request and the response are separated by 2 CRLFs. Request and response each have their own Content-Types.
I am trying to send an email via the Mandrill API, but it is throwing an error with the key(s) I provide. Below is the text.json file I am including in my curl request.
{
'key' : 'MyActualKey',
'message': {
'html': '<p>Example HTML content</p>',
'text': 'Example text content',
'subject': 'example subject',
'from_email': 'from#example.com',
'from_name': 'Test',
'to': [
{
'email': 'to#example.com',
'name': 'Eric Clapton',
'type': 'to'
}
],
'headers': {
'Reply-To': 'reply#example.com'
},
'merge': True,
'tags': [
'Mandrill Test'
]
},
'ip_pool': 'Main Pool'
}
Then I execute this curl command:
curl -X POST -H "Content-Type: application/json" --data #test.json https://mandrillapp.com/api/1.0/messages/send.json -v
Resulting in this output with the error shown on the last line:
* Adding handle: conn: 0x7fd922803a00
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x7fd922803a00) send_pipe: 1, recv_pipe: 0
* About to connect() to mandrillapp.com port 443 (#0)
* Trying 54.221.22.61...
* Connected to mandrillapp.com (54.221.22.61) port 443 (#0)
* TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
* Server certificate: mandrillapp.com
* Server certificate: Thawte SSL CA
* Server certificate: thawte Primary Root CA
* Server certificate: Thawte Premium Server CA
> POST /api/1.0/messages/send.json HTTP/1.1
> User-Agent: curl/7.30.0
> Host: mandrillapp.com
> Accept: */*
> Content-Type: application/json
> Content-Length: 501
>
* upload completely sent off: 501 out of 501 bytes
< HTTP/1.1 500 Internal Server Error
* Server nginx/1.6.0 is not blacklisted
< Server: nginx/1.6.0
< Date: Sat, 14 Jun 2014 23:46:44 GMT
< Content-Type: application/json; charset=utf-8
< Transfer-Encoding: chunked
< Connection: keep-alive
< X-Powered-By: PHP/5.3.10-1ubuntu3.11
< Access-Control-Allow-Origin: *
< Access-Control-Allow-Methods: POST, GET, OPTIONS
< Access-Control-Allow-Headers: Content-Type
< Access-Control-Allow-Credentials: false
<
* Connection #0 to host mandrillapp.com left intact
{"status":"error","code":-1,"name":"ValidationError","message":"You must specify a key value"}
Notice how the last line says 'specify a key value' - again, this is the exact key from the Mandrill control panel. I even generated a couple more and they all failed.
Try to change it into a valid json and see if that helps:
Change all single quotes into double quotes
Change the value of "merge" from "True" to lower case "true".