I've been sniffing some XMPP messages from a system that I'm working on, and am getting messages like the following
<message to="client#address" type="chat" xml:lang="en" from="server#address/RestApi">
<body>HTTP/1.0 200 OK\nContent-Length: 640\nContent-Type: application/json\nconnection: close\n\n
5EBW5RuFo7QojD4F1Uv0kOde1MbeVA46P3RDX6ZEYKaKkbLxanqVR2I8ceuQNbxkgkfzeLgg6D5ypF9jo7yGVRbR/ydf4L4MMTHxvdxBubG5HhiVqJgSc2+7iPvhcWvRZrRKBEMiz8vAsd5JleS4CoTmbN0vV7kHgO2uVeuxtN5ZDsk3/cZpxiTvvaXWlCQGOavCLe55yQqmm3zpGoNFolGPTNC1MVuk00wpf6nbS7sFaRXSmpGQeGAfGNxSxfVPhWZtWRP3/ETi1Z+ozspBO8JZRAzeP8j0fJrBe9u+kDQJNXiMkgzyWb6Il6roSBWWgwYuepGYf/dSR9YygF6lrV+iQdZdyF08ZIgcNY5g5XWtm4LdH8SO+TZpP9aocLUVR1pmFM6m19MKP+spMg8gwPm6L9YuWSvd62KA8ASIQMtWbzFB6XjanGBQpVeMLI1Uzx4wWRaRaAG5qLTda9PpGk8K6LWOxHwtsuW/CDST/hE5jXvWqfVmrceUVqHz5Qcb0sjKRU5TOYA+JNigSf0Z4CIh7xD1t7bjJf9m6Wcyys/NkwZYryoQm99J2yH2khWXyd2DRETbsynr1AWrSRlStZ5H9ghPoYTqvKvgWsyMVTxbMOht86CzoufceI2W+Rr9
</body></message>
I don't really understand what I've got here: it seems to be a XMPP message which is somehow encoding the result of a REST API call that returns JSON. The body of the message seems to be just a HTTP response (basically they seem to have just shoved the HTTP response directly into a XMPP message), but it definitely doesn't look like JSON to me!
I've tried doing a base64 decode of the data within the HTTP response, but it doesn't come up with anything sensible.
Does anyone have any idea how to decode this data? I assume JSON is hidden in there somewhere, but I can't see how or where.
Related
I am writing a http handler for a server and I am looking directly at the http requests when they come in from different clients. I can easily deal with normal http requests. The problem occurs when I get a GET or POST request. I do not know how to access the data from the GET or the POST therefore I cannot continue. Could someone please point me in the direction of some where which deals with the issue on how to access the data. Thanks in advance.
Answer:
to do this:
In a GET request the data comes in the URL itself therefore just parse the URL from the HTTP request and look for the question mark and the arguments.
For a POST request there are 2 different ways however the main one means that the arguments are put in the body of the request like this:
q=hello&v=world
The length is specified in the request as well so if you need it is under Content-Length:
I'm using postman to test calling a rest service endpoint.
I'm trying to parse the JSON return content but it throws an error because the response body has more than just JSON.
This is how I parse it in my postman test script:
var jsonData = JSON.parse(responseBody);
Here is the response body:
--13398550-b6ea-4731-a8ee-4b2ad24c3cfe
Content-Type: application/json; charset=utf-8
//this is the actual content I want to parse --->
{"id":"123456","value":"the_value"}
--13398550-b6ea-4731-a8ee-4b2ad24c3cfe--
When I try to parse it, I get the following error (in postman)
There was an error in evaluating the test script: SyntaxError:
Unexpected number in JSON at position 3
Obviously because the content being parsed is not just JSON
Is this something special that the api is doing? Or am I just parsing it incorrectly?
NOTE: I'm not including details of the rest service function. If the cause of this issue is something that is being done by the service itself, then that is enough of an answer for me to perhaps ask another question or do some further investigation. The purpose of this question is to ask whether this is something special being done in HTTP, or if it's the service.
Edit:
I managed to see the server side code and it is indeed manually building the response with boundaries identified by a GUID. I'll have to manually parse the response
The server is not emitting straight up application/json, it's packed in a multipart mime envelope.
Whether or not it's doing that correctly depends on the response headers. If you didn't expect a multipart response, but a simple JSON response, then I'd say yes: it's something you need to fix server-side.
Let's say I'm making the http request below, to update some record in a mongoDB database:
PUT
http://dev.mycompany.co/ping
{"id":4432, "name":"Jane Doe", "products":[ {"id":287}, {"id":434} ] }
Notice that there is an array of two objects inside the "products" property of the JSON above. I have data that is being sent in this general format, both through Fiddler and through a ruby script I've written.
When sent through Fiddler, my data in the JSON is correctly parsed and updated into my database. When sent through my ruby script, the data in the JSON is not parsed correctly. I've been trying to figure out why this is. Now, I'm wondering how data is actually sent when a JSON is sent along with an http request. Can someone point me in the right direction?
After asking a few other questions on SO and doing a bunch more research, I've arrived at the following conclusions.
Q: How does JSON data get sent in an http request?
A: It depends on how you are sending the JSON data in the request (what is the content-type)
I've encountered two ways that JSON data is sent.
Sent using content-type application/json
With this content-type, JSON data is sent literally as-is. The literal JSON data is stored as a string and sent with the request. If your JSON is complex, with nested objects and arrays and such, this is probably what you want. For a working example of sending nested JSONs using Ruby's Net/HTTP, see the answer on this SO question I asked.
Sent using content-type x-www-form-urlencoded
This is how Ruby's Net/HTTP requests typically get sent out. The form of these requests is something like: id=343?entity=Microsoft?foo=bar. This content-type is fine until you have a complex JSON.
I need to send POST request and get json from it.
Create Http Context emopstest.pdc.org http
Set Request Header Content-Type application/x-www-form-urlencoded
Set Request Header Authorization Basic bG9naW46cGFzcw==
${dict}= Create Dictionary app_ids=18 where=ROWNUM<=2000
${value}= Stringify Json ${dict}
Set Request Body ${value}
HttpLibrary.HTTP.POST /auth_srv/services/auth/1/json/get_hazards
Show Response Body In Browser
Response Status Code Should Equal 200
${result_text}= Get Response Body
${result_json}= Parse Json ${result_text}
But this code returns to me 404...
What is wrong?
The 404 means that the server couldn't find the resource you requested. Usually that means the URL was wrong. Depending on how the server is configured, it could also mean that your authorization is wrong (ie: some applications will give a 404 in the case of bad authentication, so that an attacker isn't given a clue that the credentials are incorrect)
The server logs should have information that will help you track down whether you have an incorrect URL or that the server has a bug.
I am implementing an RESTful Webservice which returns every content formatted as JSON. I am also using Spring OAuth2, but all error messages like invalid access token etc are returned in XML format. How can I return these OAuth2 errors as JSON?
By the way, the access tokens are returned as JSON String.
We have faced the same problem.
After hours and hours of configuring it on server side we have found better way to migrate this nuisance.
Error messages for OAuth2 for Spring defaults to xml but with one simple trick you can change them to JSON: by sending Accept: application/json in request headers.
Hope I helped a bit.