I was wondering how to write a Query String in a POST HTTP form request if occur some space (I guess the problem would occur in case of GET form request too) .
I am going to make an example:
If I have for example a value "English (US)" would the Query String (for example) in a hypothetic log in form be:
username=value1&password=&language=English (US)
I mean would be language=English (US) correct with the space inside?
And one more question. Since I have to use "password", would the query string be sent like this "password=&"? Or must I write something between "password=" and "&"?
I am not sure why you are using Query string params on a POST. Usually you would just include all values in the post body. Also, it is not a good idea to send credentials as query parameters. An HTTP AUTH header is a better choice if you don't have a more secure option.
Nonetheless, if you use the JavaScript encodeURIComponent() function, it will properly encode the spaces.
If you are using jQuery $.ajax() calls on a GET and provide the values as the 'data' option, then jQuery will call encodeURIComponent for you.
Related
I want to use query string as json, for example: /api/uri?{"key":"value"}, instead of /api/uri?key=value. Advantages, from my point of view, are:
json keep types of parameters, such are booleans, ints, floats and strings. Standard query string treats all parameters as strings.
json has less symbols for deep nested structures, For example, ?{"a":{"b":{"c":[1,2,3]}}} vs ?a[b][c][]=1&a[b][c][]=2&a[b][c][]=3
Easier to build on client side
What disadvantages could be in that case of json usage?
It looks good if it's
/api/uri?{"key":"value"}
as stated in your example, but since it's part of the URL then it gets encoded to:
/api/uri?%3F%7B%22key%22%3A%22value%22%7D
or something similar which makes /api/uri?key=value simpler than the encoded one; in this case both for debugging outbound calls (ie you want to check the actual request via wireshark etc). Also notice that it takes up more characters when encoded to valid url (see browser limitation).
For the case of 'lesser symbols for nested structures', It might be more appropriate to create a new resource for your sub resource where you will handle the filtering through your query parameters;
api/a?{"b":1,}
to
api/b?bfield1=1
api/a?aBfield1=1 // or something similar
Lastly for the 'easier to build in client side', i think it depends on what you use to create your client, usually query params are represented as maps so it is still simple.
Also if you need a collection for a single param then:
/uri/resource?param1=value1,value2,value3
When recaptcha makes the call to https://www.google.com/recaptcha/api2/userverify?k=
It comes back with this
)]}'
["uvresp",,,,2]
Granted with a valid k it comes back with a bit more. However the )]}' is clearly invalid json.
When I try to retrieve the response with grecaptcha.getResponse() I get an empty string.
Same result when using curl.
Any help would be appreciated.
Actually the value returned is not valid json but well parsed by the Google's API.
Is it a protection ? I don't know, but if you look at the javascript, you can find that:
var jm=function(a,b,c,d,e,g,h,l,r){this.xl=a;this.$c=c||"GET";this.Ka=d;this.Gg=e||null;this.Td=m(h)?h:1;this.ye=0;this.xh=this.Nh=!1;this.uh=b;this.Mh=g;this.md=l||"";this.Zb=!!r;this.Wf=null};f=jm.prototype;f.getUrl=function(){return this.xl};f.ug=function(){return this.$c};f.Ca=function(){return this.Ka};f.fi=function(){return this.Zb};f.bi=function(){return this.md};var nm=function(){G.call(this);this.nj=new hm(0,mm,1,10,5E3);H(this,this.nj);this.ad=0};x(nm,G);var mm=new Nh;nm.prototype.send=function(a){return new Lc(function(b,c){var d=String(this.ad++);this.nj.send(d,a.Uf.toString(),a.ug(),a.Ca(),mm,void 0,u(function(a,d){var h=d.target;if(Xk(h)){var l=a.ml;h.B?(h=h.B.responseText,0==h.indexOf(")]}'\n")&&(h=h.substring(5)),h=Hg(h)):h=void 0;b(new l(h))}else c(new om(a))},this,a))},this)};var om=function(a){y.call(this);this.request=a};x(om,y);
especially take a look at:
var l=a.ml;h.B?(h=h.B.responseText,0==h.indexOf(")]}'\n")&&(h=h.substring(5)),h=Hg(h)):h=void 0;`
The parser explicitly checks that the value begins by )]} and strips it.
I suggest you to just apply the same substring on the "json" string
On zhihu, a Chinese Q&A community similar to Quora,I am writing a small program to create a list of users who follow a particular user. On the page showing this information, by scrolling down to the bottom, the browser sends a post request and receives a response in json to extend the followers list.
A snippet of the received json is (copied from firebug):
{"r":0,"msg":["<div class=\"zm-profile-card zm-profile-section-item zg-clear no-hovercard\">\n<div class=\"zg-right\">\n<button data-follow=\"m:button\" data-id=\"f09ebe71535bd89a43dd979c77cf3676\" class=\"zg-btn zg-btn-unfollow zm-rich-follow-btn small nth-0\">\u53d6\u6d88\u5173\u6ce8<\/button>.....
I have little knowledge about json but I am sure that 'msg' contains information about followers.
In my program, I use Python Requests module to send this post request to server.
payload={"method":"next","params":params,"_xsrf":_xsrf}#form data
response=session.post('http://www.zhihu.com/node/ProfileFollowersListV2',data=payload,headers=header)
response has a status code 200, but response.json() returns:
{u'msg': [], u'r': 0}
where the 'msg' is empty. Can anyone help me with this?
I encountered this very problem when I tried to get the content in the returned json file. To solve this, you just need to adjust one thing.
payload={"method":"next","params":params,"_xsrf":_xsrf}
Notice the params. You didn't show us what exactly it was. Since you and I have the same question, I'd assume that your params looks like this,
params = json.dumps({"offset":20,"order_by":"created","hash_id":"blablabla"})
Here is the big one. Your value of "offset" must be an integer, 20 in this case, but definitely not a string, say something like "20". It's really hard to tell what goes wrong when every element is double quoted.
Remember,the value of "offset" must be an integer!
"offset":20
I have a "conceptual" question about designing a RESTful API which returns and accepts data in JSON format.
Consider following requests and responses:
GET http://host/records/12345
{ "id":"12345", "address":{"street":"main street","number":5,"city":"springfield"}}
GET http://host/records/12345/address
{"street":"main street","number":5,"city":"springfield"}
GET http://host/records/12345/address/city
{"city":"springfield"}
OR
springfield (=not valid json)
I realize that the second answer isn't a valid JSON response so I presume the latter is the correct answer to my question. However it looks redundant to me to respond in the form of a key/value since the requester already knew the "key" during the request.
Same counts for updates:
When I want to update the city of my 12345 record with another value what would be more correct to submit:
PUT http://host/records/12345/address/city
{"city":"paris"} <- content of body when submitting
OR
paris <- content of body when submitting (=not valid json)
The reason I'm asking is because one would already have enough by doing
PUT http://host/records/12345/address
{"city":"paris"} <- content of body when submitting
What would be considered to be most appropriate approach to this?
Thanks,
Jay
REST API's generally work on resources, which loosely translate to objects or tables in a database. Your first example of a GET does not indicate that you are trying to get a resource of type "address". What if you want to add additional resources to your API, for example "companies", then this would not be clear. And there should be a way to get a list of all of the addresses. So to get all of the addresses the API call would look like
GET http://host/records/address
[{"id":"12345", "street":"main street","number":5,"city":"springfield"},
{"id":"12346", "street":"foo street","number":1,"city":"alexandria"}]
To get a specific address it would look like
GET http://host/records/address/12345
{"id":"12345", "street":"main street","number":5,"city":"springfield"}
That id is part of the address object and I do not see any need to break it out into a parent object as in your example. You then use that id to let your web service know what needs to be updated. So your update would look like this.
PUT http://host/records/address
{"id":"12345", "street":"main street","number":5,"city":"paris"}
Usually the client would send the whole object over and not just the fields to update.
If you really want to do this "micro-PUT" style of updating then consider just sending the body using the text/plain media type. One of the beauties of using HTTP is that you can freely mix and match media types to use what is the most appropriate.
PUT http://host/records/12345/address/city
Content-Type: text/plain
Content-Length: 5
paris
=>
200 OK
Be warned though, HTTP is optimized for working with large grain resources. If you see your users wanting to do these kind of small updates frequently then maybe you need to reconsider the approach.
I don't know if this is possible, and I'm sure i'm not calling it the right thing, but how can I pass a url with get parameter inside a get parameter itself? For example, I want to pass http://example.com/return/?somevars=anothervar as a value for the "return" parameter as show below:
http://example.com/?param1=4&return=http://example.com/return/?somevars=anothervar
URL-encode the inner parameter. How you do this depends on the language you're using, or if you're doing it by hand, so in the absence of information I'll just say that ? is %3F, & is %26 and # is %23 - those are the only ones that are "required" for the browser to understand what you're doing.