I am testing a script for logout and access a URL not accessible when you are not logged in, but in my URL LOGOUT, i get the response code 405 and this is problematic.
Code:
$I = new AcceptanceTester($scenario);
$I->amOnPage('/financeiro_legado/finlegado-titulo/index');
$I->wantTo('Logout');
$I->amOnPage('/');
$I->fillField('LoginForm[username]', 'marcelo');
$I->fillField('LoginForm[password]', 'marceloid5123');
$I->click('#login-form .btn');
$I->see('Olá, marcelo');
$I->seeInCurrentUrl('/');
$I->click('Logout', '.nav');
$I->amOnPage('/financeiro_legado/finlegado-titulo/index');
Returns:
Logout (LogoutCept)
Scenario:
* I am on page "/financeiro_legado/finlegado-titulo/index"
[Response] 200
[Page] http://10.0.0.10/CliPainel/backend/web/index.php/user-management/auth/login
[Cookies] {"PHPSESSID":"puu268lb5rjl00ml0hk27rm9b0"}
[Headers] {"Date":["Fri, 11 Dec 2015 17:34:13 GMT"],"Server":["Apache/2.4.17 (Ubuntu)"],"Expires":["Thu, 19 Nov 1981 08:52:00 GMT"],"Cache-Control":["no-store, no-cache, must-revalidate, post-check=0, pre-check=0"],"Pragma":["no-cache"],"Set-Cookie":["_csrf=07c2d101d6c9e8530f7da67a78d451400eea99b70dc8a722a512661501bc4619a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%2248-nrt97Wc-EEUA0jUh6-USBTS-44ccy%22%3B%7D; path=/; httponly"],"Vary":["Accept-Encoding"],"Content-Length":["3918"],"Content-Type":["text/html; charset=UTF-8"]}
* I am on page "/"
[Response] 200
[Page] http://10.0.0.10/CliPainel/backend/web/index.php/user-management/auth/login
[Cookies] {"PHPSESSID":"puu268lb5rjl00ml0hk27rm9b0","_csrf":"07c2d101d6c9e8530f7da67a78d451400eea99b70dc8a722a512661501bc4619a:2:{i:0;s:5:"_csrf";i:1;s:32:"48-nrt97Wc-EEUA0jUh6-USBTS-44ccy";}"}
[Headers] {"Date":["Fri, 11 Dec 2015 17:34:14 GMT"],"Server":["Apache/2.4.17 (Ubuntu)"],"Expires":["Thu, 19 Nov 1981 08:52:00 GMT"],"Cache-Control":["no-store, no-cache, must-revalidate, post-check=0, pre-check=0"],"Pragma":["no-cache"],"Vary":["Accept-Encoding"],"Content-Length":["3918"],"Content-Type":["text/html; charset=UTF-8"]}
* I fill field "LoginForm[username]","marcelo"
* I fill field "LoginForm[password]","marceloid5123"
* I click "#login-form .btn"
[Uri] http://10.0.0.10/CliPainel/backend/web/index.php/user-management/auth/login
[Method] POST
[Parameters] {"_csrf":"bWN1ZS1zWTBZW1gLXwdgBzoAWCBoJhgABzYdUwAmCnI5MFhRGRA6SQ==","LoginForm":{"username":"marcelo","password":"marceloid5123"}}
[Response] 200
[Page] http://10.0.0.10/CliPainel/backend/web/
[Cookies] {"PHPSESSID":"6hehrk4ddoroplv5so3l6klkb1","_csrf":"07c2d101d6c9e8530f7da67a78d451400eea99b70dc8a722a512661501bc4619a:2:{i:0;s:5:"_csrf";i:1;s:32:"48-nrt97Wc-EEUA0jUh6-USBTS-44ccy";}"}
[Headers] {"Date":["Fri, 11 Dec 2015 17:34:16 GMT"],"Server":["Apache/2.4.17 (Ubuntu)"],"Expires":["Thu, 19 Nov 1981 08:52:00 GMT"],"Cache-Control":["no-store, no-cache, must-revalidate, post-check=0, pre-check=0"],"Pragma":["no-cache"],"Vary":["Accept-Encoding"],"Transfer-Encoding":["chunked"],"Content-Type":["text/html; charset=UTF-8"]}
* I see "Olá, marcelo"
* I see in current url "/"
* I click "Logout",".nav"
[Response] 405
[Page] http://10.0.0.10/CliPainel/backend/web/index.php/site/logout
[Cookies] {"PHPSESSID":"6hehrk4ddoroplv5so3l6klkb1","_csrf":"07c2d101d6c9e8530f7da67a78d451400eea99b70dc8a722a512661501bc4619a:2:{i:0;s:5:"_csrf";i:1;s:32:"48-nrt97Wc-EEUA0jUh6-USBTS-44ccy";}"}
[Headers] {"Date":["Fri, 11 Dec 2015 17:34:18 GMT"],"Server":["Apache/2.4.17 (Ubuntu)"],"Expires":["Thu, 19 Nov 1981 08:52:00 GMT"],"Cache-Control":["no-store, no-cache, must-revalidate, post-check=0, pre-check=0"],"Pragma":["no-cache"],"Allow":["POST"],"Transfer-Encoding":["chunked"],"Content-Type":["text/html; charset=UTF-8"]}
* I am on page "/financeiro_legado/finlegado-titulo/index"
[Response] 200
[Page] http://10.0.0.10/CliPainel/backend/web/financeiro_legado/finlegado-titulo/index
[Cookies] {"PHPSESSID":"6hehrk4ddoroplv5so3l6klkb1","_csrf":"07c2d101d6c9e8530f7da67a78d451400eea99b70dc8a722a512661501bc4619a:2:{i:0;s:5:"_csrf";i:1;s:32:"48-nrt97Wc-EEUA0jUh6-USBTS-44ccy";}"}
[Headers] {"Date":["Fri, 11 Dec 2015 17:34:19 GMT"],"Server":["Apache/2.4.17 (Ubuntu)"],"Expires":["Thu, 19 Nov 1981 08:52:00 GMT"],"Cache-Control":["no-store, no-cache, must-revalidate, post-check=0, pre-check=0"],"Pragma":["no-cache"],"Vary":["Accept-Encoding"],"Transfer-Encoding":["chunked"],"Content-Type":["text/html; charset=UTF-8"]}
PASSED
Probably you handle that click with Javascript in the web browser.
Yii2 module of Codeception does not execute Javascript.
Your options are:
a) make your site work with Javascript disabled.
You could achieve that by changing
Logout
To
<form method="POST" action="site/logout">
<input type="submit" value="Logout" />
</form>
b) Use sendAjaxPostRequest method to make POST request
$I->sendAjaxPostRequest('site/logout', []);
Related
I'm tearing my hair out trying to get a simple PATCH API call to change a value in my table. I'm using airtable.
I have a table, named AllTitles, which contains information regarding movies. I have a field in this table called 'liked' and the aim is to assign a value 1 to this cell when the user clicks a button. So I figured and nice simple PATCH would work. I set the default value to 0. The idea being that the title is marked as being liked, so I can filter liked titles and return these to the app.
The KEY value for my table is called myid. I have added a column which calls the function RECORD ID() and this does indeed display the unique record id. I'm using bravo studio, which turns figma design into an app, and using their backend I generate the URL. The URL contains a variable at the end, you guessed it, the record id. When I copy and paste this URL into the browser bar it loads the correct record. However, I am getting a 404 error when I debug.
Request Header:
application/json, text/plain, */*
Content-Type:
application/json
user-agent:
Bravo Data/1.0
Authorization:
Bearer ***
Host:
airtable.com
Content-Length:
24
(API key is correct and GET requests are working fine)
Body of request
"fields": {
"liked": "1"
}
}
Error:
Response Header:
Wed, 25 Jan 2023 17:42:54 GMT
content-type:
text/html; charset=utf-8
content-length:
246156
connection:
close
set-cookie:
AWSALB=F+leSSpTg+mrYU4Zht2ykcCKh8q7PTwcfEPi+wMpFNAocaVY2+FM1HO+w4/Jlk27DietrhMCMPM+SgKbtOlamaShWtfbhOlE7uDJGeD77VI2eClhFgNuws5gS+Hw; Expires=Wed, 01 Feb 2023 17:42:54 GMT; Path=/AWSALBCORS=F+leSSpTg+mrYU4Zht2ykcCKh8q7PTwcfEPi+wMpFNAocaVY2+FM1HO+w4/Jlk27DietrhMCMPM+SgKbtOlamaShWtfbhOlE7uDJGeD77VI2eClhFgNuws5gS+Hw; Expires=Wed, 01 Feb 2023 17:42:54 GMT; Path=/; SameSite=None; Securebrw=brwCHhGJtay2UWLI4; path=/; expires=Thu, 25 Jan 2024 17:42:54 GMT; domain=.airtable.com; samesite=none; securelogin-status-p=; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.airtable.com; secure__Host-airtable-session=eyJzZXNzaW9uSWQiOiJzZXNDNTRZWDdkYzBqTjNRcCJ9; path=/; expires=Fri, 26 Jan 2024 17:42:54 GMT; samesite=none; secure; httponly__Host-airtable-session.sig=aXS4bLusbVBSn5HWa3ScJv3_LC0hyYkl-cD_B5101m0; path=/; expires=Fri, 26 Jan 2024 17:42:54 GMT; samesite=none; secure; httponly
server:
Tengine
strict-transport-security:
max-age=31536000; includeSubDomains; preload
x-frame-options:
SAMEORIGIN
x-xss-protection:
1; mode=block
x-content-type-options:
nosniff
content-security-policy-report-only:
style-src 'unsafe-inline' https:; block-all-mixed-content; object-src 'none'; base-uri 'none'; report-uri https://airtable.com/.csp/report; script-src 'nonce-9IaceKDUeI02' 'unsafe-inline' 'strict-dynamic' 'report-sample' https:
referrer-policy:
same-origin
etag:
W/"3c18c-skDWN0GQdQY5H9HT6YcIG4hRKIQ"
vary:
Accept-Encoding
Response Body:
"<!DOCTYPE html>\n<html style=\"overflow:auto\" lang=\"en\"><head><meta name=\"referrer\" content=\"no-referrer\"/><meta name=\"robots\" content=\"noindex\"/><meta charSet=\"utf-8\"/><meta name=\"theme-color\" content=\"#ffffff\"/><meta name=\"description\" content=\"Airtable is a low-code platform for building collaborative apps. Customize your workflow, collaborate, and achieve ambitious outcomes. Get started for free.\"/><meta name=\"apple-itunes-app\" content=\"app-id=914172636\"/><meta name=\"twitter:card\" content=\"summary_large_image\"/><meta name=\"twitter:site\" content=\"#airtable\"/><meta property=\"fb:app_id\" content=\"1457397314575627\"/><meta property=\"og:site_name\" content=\"Airtable\"/><meta property=\"og:title\" content=\"Airtable | Everyone's app platform\"/><meta property=\"og:type\" content=\"website\"/><meta property=\"og:description\" content=\"Airtable is a low-code platform for building collaborative apps. Customize your workflow, collaborate, and achieve ambitious outcomes. Get started for free.\"/><meta property=\"og:image\" content=\"https://static.airtable.com/images/oembed/airtable.png\"/><meta http-equiv=\"x-ua-compatible\" content=\"ie=edge\"/><meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\"/><title>Page not found - Airtable</title><script nonce=\"9IaceKDUeI02\" src=\"https://static.airtable.com/js/lib/onetrust/202211.1.0/scripttemplates/otSDKStub.js\" data-domain-script=\"2eda840d-10c3-46d7-9084-4cade1b1a306\"></script><script nonce=\"9IaceKDUeI02\" src=\"https://static.airtable.com/js/lib/onetrust/202211.1.0/consent/2eda840d-10c3-46d7-9084-4cade1b1a306/OtAutoBlock.js\"></script><link nonce=\"9IaceKDUeI02\" rel=\"stylesheet\" type=\"text/css\" href=\"/css/compiled/baymax/helpers.css?v=27c119df61346f4f-7\"/><link rel=\"apple-touch-icon\" sizes=\"180x180\" href=\"/images/favicon/baymax/apple-touch-icon.png\"/><link rel=\"icon\" type=\"image/png\" href=\"/images/favicon/baymax/favicon-32x32.png\" sizes=\"32x32\"/><link rel=\"icon\" type=\"image/png\" href=\"/images/favicon/baymax/favicon-16x16.png\" sizes=\"16x16\"/><link rel=\"manifest\" href=\"/images/favico..."
There are no query parameters set. I am at a loss as to what can be the problem when the generated URL works perfectly. It's not the most demanding JSON PATCH request in the world....
i cant found the answer for my problem because i use yii2
HEADERS - General
Request URL:
https://source.myweb.com/css/icons/icomoon/css/icomoon.css Request
Method: GET Status Code: 200 Remote Address: 104.27.189.114:443
Referrer Policy: no-referrer-when-downgrade
RESPONE HEADERS
cache-control: public, max-age=604800
cf-bgj: minify
cf-cache-status: HIT
cf-polished: origSize=48769
cf-ray: 4b3f84c7adf9c388-SIN
content-encoding: br
content-type: text/css
date: Thu, 07 Mar 2019 21:03:53 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 14 Mar 2019 21:03:53 GMT
last-modified: Wed, 20 Feb 2019 15:19:22 GMT
server: cloudflare
status: 200
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
REQUEST HHEADERS
Provisional headers are shown
Referer: https://blog.myweb.com/
User-Agent: Mozilla/5.0 (Linux; Android 5.0; SM-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Mobile Safari/537.36
i was try many answer but i cant resolved this ?
Hi just wondering how I get real data back from the following. I put in this into Oauth 2.0 playgournd:
https://www.googleapis.com/fitness/v1/users/me/dataSources/derive_step_cadence<-raw:com.google.step_count.cumulative:LGE:Nexus 5:bc5f1b97:Step Counter/datasets/8587796212108459505-8587784116108409439
And I get back this:
HTTP/1.1 200 OK
Content-length: 202
X-xss-protection: 1; mode=block
Content-location: https://www.googleapis.com/fitness/v1/users/me/dataSources/derive_step_cadence<-raw:com.google.step_count.cumulative:LGE:Nexus 5:bc5f1b97:Step Counter/datasets/8587796212108459505-8587784116108409439
X-content-type-options: nosniff
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Vary: Origin,X-Origin
Server: GSE
Etag: "hLUJCvL5ZSSqXM3VrwyiV-fn_Cc/UTWu-5kuRnTemL1Tzb1qSZ4O9uk"
Pragma: no-cache
Cache-control: no-cache, no-store, max-age=0, must-revalidate
Date: Fri, 06 Feb 2015 04:22:06 GMT
X-frame-options: SAMEORIGIN
Content-type: application/json; charset=UTF-8
{
"minStartTimeNs": "8587784116108409439",
"maxEndTimeNs": "8587796212108459505",
"dataSourceId": "derive_step_cadence<-raw:com.google.step_count.cumulative:LGE:Nexus 5:bc5f1b97:Step Counter
}
Not any useful data.
Am I doing something wrong?
thanks
Russ
Be sure that timestamp that you provide at the end of the endpoint is in nanotime format.
https://www.googleapis.com/fitness/v1/users/me/dataSources/derive_step_cadence<-raw:com.google.step_count.cumulative:LGE:Nexus 5:bc5f1b97:Step Counter/datasets/000000-1720845034000000000
This solution works like a charm
The last few hours, I have tried to figure out, why the following image is not cached in the browser, after it is requested the first time:
http://runrpg.net/assets/images/screenshots/placeit_outdoor_wide.jpg
I understand that the correct headers have to be set, and currently the response header looks like this:
HTTP/1.1 200 OK
Date: Sat, 04 Jan 2014 16:35:53 GMT
Server: Apache/2.4.4 (Unix) OpenSSL/1.0.1e PHP/5.5.3 mod_perl/2.0.8-dev
Perl/v5.16.3
Last-Modified: Sat, 30 Nov 2013 01:37:52 GMT
ETag: "1dac5-4ec5afebf3c00-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Mon, 03 Feb 2014 16:35:53 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/jpeg
As you can see, the "Expires" header is set to "Mon, 03 Feb 2014 16:35:53 GMT" and I also included a "Cache-Control: max-age=2592000".
Can you help me and tell me what I am missing?
Your help would be very much appreciated.
Thanks!
This is most likely due to your server not validating ETags correctly. While cache validation through the Last-Modified header works perfectly:
$ HEAD -H "If-Modified-Since: Sat, 30 Nov 2013 01:37:52 GMT" http://runrpg.net/assets/images/screenshots/placeit_outdoor_wide.jpg
304 Not Modified
Cache-Control: max-age=290304000, public
Connection: close
Date: Sat, 04 Jan 2014 19:01:30 GMT
ETag: "1dac5-4ec5afebf3c00"
Server: Apache/2.4.4 (Unix) OpenSSL/1.0.1e PHP/5.5.3 mod_perl/2.0.8-dev Perl/v5.16.3
Expires: Thu, 09 Jan 2014 19:01:30 GMT
Client-Date: Sat, 04 Jan 2014 19:01:30 GMT
Client-Peer: 80.70.3.110:80
Client-Response-Num: 1
The same cannot be said with ETags:
$ HEAD -H 'If-None-Match: "1dac5-4ec5afebf3c00-gzip"' http://runrpg.net/assets/images/screenshots/placeit_outdoor_wide.jpg
200 OK
Cache-Control: max-age=290304000, public
Connection: close
Date: Sat, 04 Jan 2014 19:02:24 GMT
Accept-Ranges: bytes
ETag: "1dac5-4ec5afebf3c00"
Server: Apache/2.4.4 (Unix) OpenSSL/1.0.1e PHP/5.5.3 mod_perl/2.0.8-dev Perl/v5.16.3
Vary: Accept-Encoding
Content-Length: 121541
Content-Type: image/jpeg
Expires: Thu, 09 Jan 2014 19:02:24 GMT
Last-Modified: Sat, 30 Nov 2013 01:37:52 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin, x-requested-with, content-type, X-Titanium-Id
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin: http://127.0.0.1:8020
Client-Date: Sat, 04 Jan 2014 19:02:24 GMT
Client-Peer: 80.70.3.110:80
Client-Response-Num: 1
Bottom line: The problem is your server, not any clients. This seems to be a known issue with Apache 2.4.x. A quick solution to this is by switching ETags off:
FileETag None
I'm following the document https://developers.google.com/drive/push to receive push notifications from Google Drive.
My domain is registered (in the API Access pane in the APIs Console).
I have a custom program in the registered domain listening over htpps (with a Self-signed certificate). https://myveryowndomain.bc.com/drive/notifications
Notification channels are properly created for any change (get response code 200).
I make changes in my Google Drive files but nothing comes to 2, not even the sync message.
Am I missing something?
CONFIG: -------------- REQUEST --------------
POST https://www.googleapis.com/drive/v2/changes/watch
Accept-Encoding: gzip
Authorization: Bearer 1/QRYL1ZHO4KyUmjkbHVWXCWglxJ5e6-xxxxxxxxxxxxx
User-Agent: push-test-project Google-HTTP-Java-Client/1.15.0-rc (gzip)
Content-Type: application/json; charset=UTF-8
Content-Length: 150
Jul 24, 2013 6:02:04 PM com.google.api.client.http.HttpRequest execute
CONFIG: curl -v --compressed -X POST -H 'Accept-Encoding: gzip' -H 'Authorization: Bearer 1/QRYL1ZHO4KyUmjkbHVWXCWglxJ5e6-xxxxxxxxxxxxx' -H 'User-Agent: push-test-project Google-HTTP-Java-Client/1.15.0-rc (gzip)' -H 'Content-Type: application/json; charset=UTF-8' -d '#-' -- 'https://www.googleapis.com/drive/v2/changes/watch' << $$$
Jul 24, 2013 6:02:04 PM com.google.api.client.util.LoggingByteArrayOutputStream close
CONFIG: Total: 155 bytes
Jul 24, 2013 6:02:04 PM com.google.api.client.util.LoggingByteArrayOutputStream close
CONFIG: {"address":"https://myveryowndomain.bc.com/drive/notifications","id":"f143f7ba-759a-42b8-8748-e39a71ba13cc","type":"web_hook"}
Jul 24, 2013 6:02:08 PM com.google.api.client.http.HttpResponse <init>
CONFIG: -------------- RESPONSE --------------
HTTP/1.1 200 OK
ETag: "RFvxxXV9yoZniidCHgcusodAlXI/AaEAn8d9Ma5bpJZNmM0F72Crxxx"
Content-Length: 247
X-XSS-Protection: 1; mode=block
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Server: GSE
X-Content-Type-Options: nosniff
Pragma: no-cache
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-Frame-Options: SAMEORIGIN
Date: Wed, 24 Jul 2013 09:02:08 GMT
Content-Encoding: gzip
Content-Type: application/json; charset=UTF-8
Jul 24, 2013 6:02:08 PM com.google.api.client.util.LoggingByteArrayOutputStream close
CONFIG: Total: 296 bytes
Jul 24, 2013 6:02:08 PM com.google.api.client.util.LoggingByteArrayOutputStream close
CONFIG: {
"kind": "api#channel",
"id": "f143f7ba-759a-42b8-8748-e39a71ba13cc",
"resourceId": "_X2yFKJJ6yLq3eIrw3OSxxxxxxx",
"resourceUri": "https://www.googleapis.com/drive/v2/changes?includeDeleted=true&includeSubscribed=true&maxResults=100&alt=json",
"token": "",
"expiration": "1374660126357"
}
Self-signed SSL seems to be the problem here. It's not only about encryption. It's also about trust issue.
You can get free SSL from StartSSL or CACert.
FYI, expires header is not expiration time of the channel. It's information about cache.
Your real expiration time of the channel can be found at "expiration" field of the response body. It is represented in unix time format and your response "1374660126357" is actually "Wed, 01 Apr 45531 03:05:57 GMT". Default expiration time for changes channel is 1 week.