Bad Header response received for Facebook oauth header - facebook-oauth

For google found that the oauth header format is
GData-Version: 3.0
Authorization: OAuth oauth_version=1.0,oauth_nonce=5887e5b11904194f7d217e9b7f795d62, oauth_timestamp=1317623602,
oauth_consumer_key=56565768768.apps.googleusercontent.com",oauth_verifier=PH9etu_6shPOPvlFgiFJS-Dd,
oauth_token=4%2Fpdn5ZtajHsU-zeSxScNSil43sTK0,oauth_signature_method=HMAC-SHA1,
oauth_signature=ybgad%2B6LlQ8P3rwnFa8BpI8awok%3D
Content-Length: 353
Content-Type: application/atom+xml
Seeing this made a request header for facebook as
Authorization: OAuth oauth_version=1.0,oauth_nonce=5887e5b11904194f7d217e9b7f795d62, oauth_timestamp=1317623602,
oauth_consumer_key=12904260719,oauth_verifier=PH9etu_6shPOPvlFgiFJS-Dd,
oauth_token=4%2Fpdn5ZtajHsU-zeSxScNSil43sTK0,oauth_signature_method=HMAC-SHA1,
oauth_signature=ybgad%2B6LlQ8P3rwnFa8BpI8awok%3D
Content-Type: application/X-WWW-form-urlencoded
What's the mistake in this header
Can anyone help me out please


Got it solved. Facebook is not expecting a header which contains parameters like oauth_nounce, oauth_consumer_key etc

Related

Upload PDF File without FormData

I want to upload a PDF file but can't seem to serialize it correctly. Because of specific requirements I cannot use the FormDataAPI nor an HTML form.
I'm manually creating the multipart/form-data body like so.
------WebKitFormBoundaryFb3Biw9LyOW5jlUQ
Content-Disposition: form-data; name="username"
bill
------WebKitFormBoundaryFb3Biw9LyOW5jlUQ
Content-Disposition: form-data; name="file"; filename="test.pdf"
Content-Type: application/pdf
[object ArrayBuffer]
------WebKitFormBoundaryFb3Biw9LyOW5jlUQ--`
and sending the request via xhr.send(body) where body is my built up string. Is this even possible?
When I've tested using the FormDataAPI I can see the file as a nice big (encoded?) blob in the Chrome network request inspector. Is FormDataAPI doing something that I cannot achieve via JS?

BigCommerce [{"status":415,"message":"The specified input content type is not valid."}]

Trying to create a product rule using Postman on BigCommerce. All my other queries to BC work fine but on this one I receive the
[{"status":415,"message":"The specified input content type is not valid."}]
Doesn't seem to matter what is in the actual body, even if it is empty.
call:
https://api.bigcommerce.com/stores/xxxxxxxxx/v2/products/34371/rules
headers:
X-Auth-Client:xxxxxxxxxxxxxxxxxxxxxxxx
X-Auth-Token:xxxxxxxxxxxxxxxxxxxxxxx
Accept:application/json
Content-Type:application/json

I found that the issue was with Postman.
Postman was changing Content-Type: application/json to multipart/form-data behind the scenes.

SMTP dot-stuffing within MIME boundaries

I guess I ran into a dot-stuffing problem sending SMTP messages. What i basically want to do is to send a message with a text and a attachment part.
In my example I defined a multipart/mixed message like following:
Mime-version: 1.0
Content-Type: multipart/mixed; boundary="YJiPVI9C2M93dRDm"
--YJiPVI9C2M93dRDm
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
Message
.
--YJiPVI9C2M93dRDm
Content-Type: application/gzip
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename=2015-06-22-114558.tar.gz
H4sIAFbZh1UCA+2dXW/dNhKGc72/QujVLtAmIocjSqdXbbH9AJJt0G63F0URuPZJYdT2MezjNP33
FXkcbyQxh6TmnX4AOTdpUs3D0ejlkOKXbGv4o7b7yNqPjHHM/ZNH8F87/jxz/HP8zf+M/20sO+PZ
--YJiPVI9C2M93dRDm--
If I send the SMTP massage with libcurl like described above i will get connection timeouts. The problem is the single point (after "Message"). I know that this is a escape sign in SMTP, but it should be interpreted as a "normal" point. So how to do this? Is the mime body correct? Do i need to masquerade the single point?

How to find HTTP header for Text updates on a website?

I am creating an application in vb.net that allows users to sign up for text updates via a simple form. When users hit the submit button on the form it will send a POST to the website with the actual sign up form and then the website accepts the data. When I go to get the HTTP POST off of the website it looks very odd and seems to change every time. I am using Live HTTP Headers to get the data. Here is a sample of the header content:
Content-Length: 952
-----------------------------61332911729981
Content-Disposition: form-data; name="_wpnonce"
1d45b60ac9
-----------------------------61332911729981
Content-Disposition: form-data; name="_wp_http_referer"
/
-----------------------------61332911729981
Content-Disposition: form-data; name="_ninja_forms_display_submit"
1
-----------------------------61332911729981
Content-Disposition: form-data; name="_form_id"
1
-----------------------------61332911729981
Content-Disposition: form-data; name="ninja_forms_field_1"
(828) 555-3949
-----------------------------61332911729981
Content-Disposition: form-data; name="ninja_forms_field_2"
unchecked
-----------------------------61332911729981
Content-Disposition: form-data; name="ninja_forms_field_2"
checked
-----------------------------61332911729981
Content-Disposition: form-data; name="_ninja_forms_field_3"
Submit
-----------------------------61332911729981--
Here is a sample of what I previously have gotten from Live HTTP Headers with a newsletter form for email alerts:
fields%5Bemail_address%5D%5Bvalue%5D=blahblah%40email.com&cc_newsletter%5B%5D=1&cc_referral_url=http%253A%252F%252Fpeabodyswineandbeer.com%252F&cc_redirect_url=&constant-contact-signup-submit=Sign+Up&uniqueformid=constant_contact_api_widget-2
Any ideas how to get the first one like the second one? I got them from the exact same section in HTTP Live Headers, but I have no idea how to use the first one to POST data to the website.

http authorization header in html

I need help in setting the authorization header in html file. So I used OAuth tool on dev.twitter.com and got this header content:
Authorization: OAuth oauth_consumer_key="BKsXdR3SO4hSZyFT2JevHQ", oauth_nonce="718a5099a51230e737474c7e76d21581", oauth_signature="rQ5DJWi8qMmdR76rwIOwJYUhuvc%3D", oauth_signature_method="HMAC-SHA1", oauth_timestamp="1341342796", oauth_token="69848552-B6geQZCA8ttirQIMKrIk47SOE541V7d5ZcYwEBUqQ", oauth_version="1.0"
Now I don't know what to do. I tried this:
<meta name="Authorization" content="OAuth"
oauth_consumer_key="BKsXdR3SO4hSZyFT2JevHQ",
oauth_nonce="b98cf39b3f8dba6286cbd1b741eb7504",
oauth_signature="Vgmudlrkv1dzFel9zpFztXfR6gI%3D",
oauth_signature_method="HMAC-SHA1",
oauth_timestamp="1341339879",
oauth_token="69848552-B6geQZCA8ttirQIMKrIk47SOE541V7d5ZcYwEBUqQ",
oauth_version="1.0">
But it doesn't work! I am sure doing something wrong.
Help, please!
Aram.

There's an essential difference of headers. OAuth requires an "Authorization" on HTTP header, not in HTML header.
POST /1/statuses/update.json?include_entities=true HTTP/1.1
Accept: */*
Connection: close
User-Agent: OAuth gem v0.4.4
Content-Type: application/x-www-form-urlencoded
Authorization:
OAuth oauth_consumer_key="xvz1evFS4wEEPTGEFPHBog",
oauth_nonce="kYjzVBB8Y0ZFabxSWbWovY3uYSQ2pTgmZeNu2VS4cg",
oauth_signature="tnnArxj06cWHq44gCs1OSKk%2FjLY%3D",
oauth_signature_method="HMAC-SHA1",
oauth_timestamp="1318622958",
oauth_token="370773112-GmHxMAgYyLbNEtIKZeRNFsMKPR9EyMZeS9weJAEb",
oauth_version="1.0"
Content-Length: 76
Host: api.twitter.com
You can set this headers on a request through server-side scripting (with PHP, Python, ...)

You can do HTTP requests (specifically XMLHttpRequests) from Javascript using AJAX calls (e.g. with jQuery). Check the example for the Perfect jQuery AJAX Request. Then you also can also set your request header.