I'm using Postman with the Interceptor extension to perform a POST request.
My request contains an Origin header to be able to avoid CORS errors. The Content-Type is application/x-www-form-urlencoded and I receive json, so I had to add the Accept header with value application/json.
The API I call wants me to add the Referer header as well, so I do that. When I send the request, the Accept header is not in the raw request. When I remove the Referer header, the Accept header shows up in the raw request.
Is this a bug in Postman/Interceptor or am I doing something against 'the rules' of sending http requests?
Related
When sending a POST request to a web server, can you specify the Accept header parameter alongside Content-type? As in, I am sending some JSON, so I'll specify that in Content-type, but since I expect a response from the server (perhaps the object that will be added to the database), I would specify that in the Accept parameter?
When sending a POST request to a web server, can you specify the Accept header parameter alongside Content-type?
Yes. Accept is what you will accept in the response. Content-Type is what you are sending in the request. They are entirely independent.
I'm currently working with Angular 5.1.2 and i'm trying to get objects from http requests.
In order to verify my code, I've hardcoded a JSON response and created a Python Anywhere's web service, here's what I did :
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Content-Type: application/json; charset=UTF-8
{"Computer":[{
"ip":"192.168.0.142",
"mac":"39-D7-98-9E-5A-DC",
"name":"PC-DE-JEAN-CLAUDE"
},
{
"ip":"192.168.0.50",
"mac":"4D-49-98-30-8A-F5",
"name":"LIVEBOX-684J"
}]}
However, why my Angular app is saying that "No 'Access-Control-Allow-Origin' header is present on the requested resource" ?
Thanks
It is related to CORS issue. It happens when server and client are running on different addresses. To make it run, server need to return Access-Control-Allow-Origin as a Key:Value pair in their header response.
Access-Control-Allow-Origin: *
Specifying value as * means that the content of the address can be accessed by any other address.
It's one of the layer in securing the Internet applications.
This is a server-side problem due to CORS to prevent XSS. In order to fix, make sure your server responds with the header Access-Control-Allow-Origin: * After verifying this fixes the problem, set this header to your website URL
I need to send POST request and get json from it.
Create Http Context emopstest.pdc.org http
Set Request Header Content-Type application/x-www-form-urlencoded
Set Request Header Authorization Basic bG9naW46cGFzcw==
${dict}= Create Dictionary app_ids=18 where=ROWNUM<=2000
${value}= Stringify Json ${dict}
Set Request Body ${value}
HttpLibrary.HTTP.POST /auth_srv/services/auth/1/json/get_hazards
Show Response Body In Browser
Response Status Code Should Equal 200
${result_text}= Get Response Body
${result_json}= Parse Json ${result_text}
But this code returns to me 404...
What is wrong?
The 404 means that the server couldn't find the resource you requested. Usually that means the URL was wrong. Depending on how the server is configured, it could also mean that your authorization is wrong (ie: some applications will give a 404 in the case of bad authentication, so that an attacker isn't given a clue that the credentials are incorrect)
The server logs should have information that will help you track down whether you have an incorrect URL or that the server has a bug.
If I have a Parse.com API with applicationId APPLICATION_ID and REST-API-Key REST_API_KEY, and the classname is Story, then what should the GET request structure look like. I tried the following :
https://api.parse.com/1/story/applicationId=APPLICATION_ID&REST-API-Key=REST_API_KEY
but it didn't work.
#Das According to Parse API
Authentication is done via HTTP headers.
So, your request should be
*GET /1/stories/story HTTP/1.1
Host : api.parse.com
Accept: application/json
X-Parse-Application-Id: APPLICATION_ID
X-Parse-REST-API-Key: REST_API_KEY*
When we need to use headers, the Get request can not be formed within a single URL,
Postman chrome extension would be helpful to construct the requests
or fiddler.
When you are using postman, to fill the header details, take the HTTP Verb as POST and use
X-Http-Method-Override: GET header to make it a GET request.
Hope this helps
I'm attempting to use the add_run API method to create new test runs on my testrail server. I am using RESTClient to test the command.
The request is POST index.php?/api/v2/add_run/1
(I have a project with id 1)
As request headers I am using Content-Type: application/json and Authorization: Basic USERNAME:PASSWORD_BASE64
request body is:
{
"name":"name",
"suite_id":1
}
Upon sending the request, I receive a "400 Bad Request" Response with the error message:
{"error":"Content-Type header invalid (use Content-Type: application\/json)"}
Since I am in fact using Content-Type: application/json as a request header I have no idea why I am getting this error or what it means. Anyone have any ideas?
one of the TestRail developers here. It's very likely that you didn't submit the Content-Type header correctly, could you please share the source snippet you used to send this request?