In php you can retrive only headers without body
function UR_exists($url){
$headers=get_headers($url);
return stripos($headers[0],"200 OK")?true:false;
}
How I can do this in dart?
Maybe some of http.get() with anyone parameters in headers can help?
You could get the headers this way:
final response = await http.get(yourUri, headers: {'method': 'HEAD'});
print(response.headers);
If you want, you can of course wrap that in a function that only returns the headers, so it will be similar to the command you are used to. Something like this (you would have to make it more robust for handling errors, failed requests etc...):
Future<Map<String, String>> getHeaders(Uri uri) async {
return (await http.get(uri, headers: {'method': 'HEAD'})).headers;
}
So running it like this:
print(await getHeaders(Uri.parse('http://www.google.com')));
Will print (in my case):
{set-cookie: AEC=datadatadata; expires=Wed, 10-May-2023 13:17:58 GMT;
path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax,
cache-control: private, max-age=0, date: Fri, 11 Nov 2022 13:17:58
GMT, content-encoding: gzip, content-length: 6747, x-frame-options:
SAMEORIGIN, content-type: text/html; charset=ISO-8859-1,
x-xss-protection: 0, server: gws, expires: -1}
Related
I need to create REST Assured api code using java for the below api configuration :
My Code is as below :
// First convert data table to the String map.
Map<String, String> map = tableData.asMap(String.class, String.class);
// We need headers params for this request. So first we are making headers params map for passing it to the request.
HashMap<String, String> header_params = new HashMap<>();
header_params.put("x-auth-token", getValueFromPropertyFile(PropertyFileKeys.X_AUTH_TOKEN));
// Add content type as form-data.
header_params.put("Content-Type", "application/json");
// Get the SIP Device number based on the customer id.
String sip_device_number = FaxerUsefullResource.getSIPDeviceNumberForCustomerAccount(admin_login_token,customer_id);
print("SIP Device number of customer account id : "+customer_id+" is : " + sip_device_number);
// Build the request specification.
RequestSpecification request_specification_builder = new RequestSpecBuilder()
// Set the Base Uri. Value of baseURL we are taking from the "config.properties" file.
.setBaseUri(getValueFromPropertyFile(PropertyFileKeys.BASE_URL))
// Set up the header params.
.addHeaders(header_params)
// Build entire request specification.
.build();
// Make the Request specification from the built request specification.
request_specification = given()
// Bind the built configuration with request.
.spec(request_specification_builder)
// Add form data parameter with values.
.formParam("id","1")
.formParam("token",admin_login_token)
.formParam("action","faxer_create")
.formParam("sip_device",sip_device_number)
.formParam("fax_number",map.get("fax_number"))
.formParam("fax_type",map.get("fax_type"))
.formParam("description",map.get("description"));
// Calling the request and store the response for further verification.
response = hit_https_request_and_return_response("FaxerAPI", API_method, request_specification);
But when run the code everytime i got the session issue. That i am logged out.
SIP Device number of customer account id : 412 is : 2540285577
Resource name : FaxerAPI
End point : /admin/faxer/
Request method: POST
Request URI: https://alpha.astppbilling.org/admin/faxer/
Proxy: <none>
Request params: <none>
Query params: <none>
Form params: id=1
token=OTlEckI5QjJBb3dCMy9vM0EwZDM2dz09
action=faxer_create
sip_device=2540285577
fax_number=0001
fax_type=1
description=APIAutomationDescription
Path params: <none>
Headers: x-auth-token=PRLgav3UWUAkh5OAL6zL6EizBuRm37Ok
Accept=*/*
Content-Type=application/json
Cookies: <none>
Multiparts: <none>
Body: <none>
HTTP/1.1 400
Server: nginx/1.18.0
Date: Wed, 09 Nov 2022 06:16:10 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: ITPLATPci_session=a%3A0%3A%7B%7D; expires=Tue, 09-Nov-2021 16:16:10 GMT; Max-Age=0; path=/
Set-Cookie: ITPLATPci_session=B2ECYFUzBGkHeABzUTUFOAM7Vj4HJVEgUmJQJQIlAm0GNFNtBAxRalEyVC4BaQAkAD4AM1Q4ADZWfF1tUWACNFdkUm0FNwEzAWxTNwM1UTIHOQI5VTcEZAc0AGZRPwU6Az9WMgc%2BUTVSY1BvAm8CYgZvU2IEYlFlUWFULgFpACQAPgAxVDoANlZ8XWZRIQJfV2NSMAU1AXUBOVNwAydRIQc7AilVPARiBzcAOlEtBTgDOlYzBylRYVI1UGUCeAIyBm9TLQRiUTpRZVQuAWkAJAA%2BADFUOgA2VnxdelEiAmVXcFILBTABYAE5U20DIFEhBzsCKVU8BGAHOgA6US0FSAN7VmUHZFE7UmJQewIeAnAGL1NzBBBRb1E%2FVGkBPAAjACsANFQkADlWcF0%2BUWICIFcqUh4FMAFxAT1TLANlUTIHLgJqVSgEYgcwAClRLQUyA3hWPgc2UWBSPVB0AjoCZQYoU3cEDFFiUTVUeAE7ACEAbQB0VHMALlZlXWZRawIxVzRSYgVmAT4Ba1M3A2FRNAcwAmFVdQRpBzoAOlEtBXwDeFZhB3VRDFJjUDcCIgJlBnlTOAQgUTlRZlQ2AXAAdQA%2FAH0%3D; expires=Wed, 09-Nov-2022 08:16:10 GMT; Max-Age=7200; path=/
Set-Cookie: ITPLATPci_session=AWdXNVYxCmdQLwR3UjYHOggwUztRc1EgUGBWIw0qUD9dbwE%2FBw8FPlEyWSNaMgouBTsAM1Y6BzECKFRkBzYHMQo5CjUENlFjVDkBZQE3DG8BP1dsVjQKalBjBGJSPAc4CDRTN1FoUTVQYVZpDWBQMF00ATAHYQUxUWFZI1oyCi4FOwAxVjgHMQIoVG8HdwdaCj4KaAQ0USVUbAEiASUMfAE9V3xWPwpsUGAEPlIuBzoIMVM2UX9RYVA3VmMNd1BgXTQBfwdhBW5RZVkjWjIKLgU7ADFWOAcxAihUcwd0B2AKLQpTBDFRMFRsAT8BIgx8AT1XfFY%2FCm5QbQQ%2BUi4HSghwU2BRMlE7UGBWfQ0RUCJddAEhBxMFO1E%2FWWRaZwopBS4ANFYmBz4CJFQ3BzQHJQp3CkYEMVEhVGgBfgFnDG8BKFc%2FVisKbFBnBC1SLgcwCHNTO1FgUWBQP1ZyDTVQN11zASUHDwU2UTVZdVpgCisFaAB0VnEHKQIxVG8HPQc0CmkKOgRnUW5UPgFlAWMMaQE2VzRWeA%3D%3D; expires=Wed, 09-Nov-2022 08:16:10 GMT; Max-Age=7200; path=/
Expires: Tue, 01 Jan 2000 00:00:00 GMT
Last-Modified: Wed, 09 Nov 2022 06:16:10 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
{
"status": false,
"error": "You are already logged out. Please login again",
"response_code": 400
}
How can i resolved this ?
Try changing the content-type header to 'application/x-www-form-urlencoded' instead of 'application/json'
You can also check this article for more details: https://www.baeldung.com/postman-form-data-raw-x-www-form-urlencoded
When using httpClient to connect to twitter I Always get this response
responseString{StatusCode: 401, ReasonPhrase: 'Unauthorized', Version:
1.1, Content:System.Net.Http.StreamContent, Headers: { strict-transport-security: max-age=631138519 Date: Fri, 31 Jan 2014
00:35:10 UTC Set-Cookie: guest_id=v1%3A139112851013762159;
Domain=.twitter.com; Path=/; Expires=Sun, 31-Jan-2016 00:35:10 UTC
Server: tfe Content-Length: 63 Content-Type: application/json;
charset=utf-8 } }
System.Net.Http.HttpResponseMessage
I googled
strict-transport-security: max-age
found people suggested to change the access setting of the twitter app to Read, Write and Access direct messages, i Did so but nothing changed , so if any one faced the same problem or any body has suggestions , it would be appreciated
There are multiple reasons this might happen. I have this question on the LINQ to Twitter FAQ with several suggestions on how to debug:
https://linqtotwitter.codeplex.com/wikipage?title=LINQ%20to%20Twitter%20FAQ
I don't know what I do wrong, but everytime I tried to obtain the token (after user authentication of course), the result is always Invalid grant_type parameter or parameter missing
Possibly related to Box API always returns invalid grant_type parameter on obtaining access token
Here is my fiddler result:
POST https://api.box.com/oauth2/token HTTP/1.1
Host: api.box.com
Content-Length: 157
Expect: 100-continue
Connection: Keep-Alive
grant_type=authorization_code&code=nnqtYcoik7cjtHQYyn3Af8uk4LG3rYYh&client_id=[myclientId]&client_secret=[mysecret]
Result:
HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 07 Mar 2013 11:18:36 GMT
Content-Type: application/json
Connection: keep-alive
Set-Cookie: box_visitor_id=5138778bf12a01.27393131; expires=Fri, 07-Mar-2014 11:18:35 GMT; path=/; domain=.box.com
Set-Cookie: country_code=US; expires=Mon, 06-May-2013 11:18:36 GMT; path=/
Cache-Control: no-store
Content-Length: 99
{"error":"invalid_request","error_description":"Invalid grant_type parameter or parameter missing"}
Even following the curl example gives the same error. Any help would be appreciated.
Edit: tried with additional redirect_uri params but still the same error
POST https://api.box.com/oauth2/token HTTP/1.1
Content-Type: application/json; charset=UTF-8
Host: api.box.com
Content-Length: 187
Expect: 100-continue
Connection: Keep-Alive
grant_type=authorization_code&code=R3JxS7UPm8Gjc0y7YLj9qxifdzBYzLOZ&client_id=*****&client_secret=*****&redirect_uri=http://localhost
Result:
HTTP/1.1 400 Bad Request
Server: nginx
Date: Sat, 09 Mar 2013 00:46:38 GMT
Content-Type: application/json
Connection: keep-alive
Set-Cookie: box_visitor_id=513a866ec5cfe0.48604831; expires=Sun, 09-Mar-2014 00:46:38 GMT; path=/; domain=.box.com
Set-Cookie: country_code=US; expires=Wed, 08-May-2013 00:46:38 GMT; path=/
Cache-Control: no-store
Content-Length: 99
{"error":"invalid_request","error_description":"Invalid grant_type parameter or parameter missing"}
Looks like Box requires a correct Content-Type: application/x-www-form-urlencoded request header in addition to properly URL encoding the parameters. The same seems to apply to refresh and revoke requests.
Also, per RFC 6749, the redirect_uri is only
REQUIRED, if the "redirect_uri" parameter was included in the authorization request
as described in Section 4.1.1, and their values MUST be identical.
I was facing a similar issue.
The problem is not with Content-Type.
The issue is with the lifecycle of code you receive.
One key aspect not mentioned in most places is that the code you get on redirect lasts only 30 seconds.
To get the access token and refresh token, you have to make the post request in 30 seconds or less.
If you fail to do that, you get the stated error. I found the info here.
Below code worked for me. Keep in mind, the 30-second rule.
import requests
url = 'https://api.box.com/oauth2/token'
data = [
('grant_type', 'authorization_code'),
('client_id', 'YOUR_CLIENT_ID'),
('client_secret', 'YOUR_CLIENT_SECRET'),
('code', 'XXXXXX'),
]
response = requests.post(url, data=data)
print(response.content)
Hope that helps.
You are missing the redirect URI parameter. Try:
POST https://api.box.com/oauth2/token HTTP/1.1
Host: api.box.com
Content-Length: 157
Expect: 100-continue
Connection: Keep-Alive
grant_type=authorization_code&code=nnqtYcoik7cjtHQYyn3Af8uk4LG3rYYh&client_id=[myclientId]&client_secret=[mysecret]&redirect_uri=[your-redirect-uri]
I have also face same issue implementing oauth2. I have add Content-Type: application/x-www-form-urlencoded. When I add content-type my issue solved.
Check and add valid content-type.
Not sure who might need this in the future but be sure you're sending a POST request to get the access token and not trying to retrieve it by using GET or if you're testing- pasting in the address bar won't work, you need to send a POST request with the data in the BODY and not as query parameter.
Also the code usually lasts for a few seconds, so you need to use it as soon as its sent back.
I am using JBoss 7.1 and have secured my web application with Basic authentication but I want only the first call to require the Basic authentication header, sequent calls should use the jsessionid for authentication. How to accomplish this?
So far I have created a rest servlet enforcing the creation of a session with a call to request.getSession()
#Path("/rest/HelloWorld")
public class HelloWorld {
#GET()
#Produces("text/plain")
public String sayHello(#Context HttpServletResponse response,
#Context HttpServletRequest request) {
HttpSession session = request.getSession();
return "Hello World! " + request.getUserPrincipal().getName();
}
My idea was that any other calls should only require the jsessionid cookie, but when looking in fiddler I see that the first call is behaving as expected. First you get a 401 and the client is re-sending including the basic authorization header and a jsessionid is returned. On the second call the jsessionid cookie is included but I still get an 401 that triggers the client to re-send the Basic authorization header.
This is the returned headers from the successful authenticated first call.
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 01:00:00 CET
Set-Cookie: JSESSIONID=AFDFl2etiUNkn-mpM+DXr3KE; Path=/Test
Content-Type: text/plain
Content-Length: 18
Date: Tue, 29 Jan 2013 09:12:48 GMT
Hello World! test1
when I make a second call the jsessionid is included
GET /Test/index.html HTTP/1.1
Host: cwl-rickard:8080
Cookie: JSESSIONID=AFDFl2etiUNkn-mpM+DXr3KE
and I am getting a 401 enforcing the client to re-send the request including the basic authorization header.
HTTP/1.1 401 Unauthorized
Server: Apache-Coyote/1.1
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 01:00:00 CET
WWW-Authenticate: Basic realm="ApplicationRealm"
Content-Type: text/html;charset=utf-8
Content-Length: 958
Date: Tue, 29 Jan 2013 09:12:48 GMT
Any ideas what I am missing.
I am viewing an HTML page in a standard iOS UIWebView. Inside this page I have a standard YouTube embed, something like this:
<iframe id="video-play" width="624" height="350" src="http://www.youtube.com/embed/hBLf_N-T0vI" allowfullscreen class="hide fade"></iframe>
This works fine in all cases on the browser, and in most cases in a UIWebView. But for some videos I get the (I think misleading) message:
"The uploader has not made this video available in your country."
The problem is somewhere in the get_video_info call, and related to the fact that from a UIWebView it seems the eurl paramter is set to "unknown"
So this request works from within a UIWebView:
http://www.youtube.com/get_video_info?html5=1&video_id=hBLf_N-T0vI&eurl=unknown&ps=native&el=embedded&hl=en_GB
This fails, with errorcode 150 and the error message I mentioned above (it will work fine in a browser so use the raw HTTP request below)
http://www.youtube.com/get_video_info?html5=1&video_id=DldaCQby3j4&eurl=unknown&ps=native&el=embedded&hl=en_GB
If I change the eurl=unkown into eurl=http://rubbish.com/ then it works again:
http://www.youtube.com/get_video_info?html5=1&video_id=DldaCQby3j4&eurl=http://rubbish.com&ps=native&el=embedded&hl=en_GB
I've tried to look at the properties of the videos that are failing but can't figure out what is causing the difference between the good ones and the bad ones. I've looked at embed settings, privacy and tracking settings and anything else I can think of.
My other option is to figure out how to add an eurl paramter to the request.
Help!
Jon
If anyone wants the full HTTP requests/response:
BAD REQUEST
GET /get_video_info?html5=1&video_id=DldaCQby3j4&eurl=unknown&ps=native&el=embedded&hl=en_GB HTTP/1.1
Host: www.youtube.com
BAD RESPONSE
HTTP/1.1 200 OK
Date: Fri, 23 Nov 2012 15:42:47 GMT
Server: gwiseguy/2.0
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Set-Cookie: use_hitbox=d5c5516c3379125f43aa0d495d100d6ddAEAAAAw; path=/; domain=.youtube.com
Set-Cookie: VISITOR_INFO1_LIVE=fH943IGDAFc; path=/; domain=.youtube.com; expires=Sun, 21-Jul-2013 15:42:47 GMT
Expires: Tue, 27 Apr 1971 19:44:06 EST
Cache-Control: no-cache
P3P: CP="This is not a P3P policy! See //support.google.com/accounts/bin/answer.py?answer=151657&hl=en-US for more info."
Content-Type: application/x-www-form-urlencoded
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Transfer-Encoding: chunked
status=fail&errorcode=150&reason=The+uploader+has+not+made+this+video+available+in+your+country.&storyboard_spec=http%3A%2F%2Fi1.ytimg.com%2Fsb%2FDldaCQby3j4%2Fstoryboard3_L%24L%2F%24N.jpg%7C48%2327%23100%2310%2310%230%23default%23w3GCNZfS0BvXcAQIB1BBnUJRlrY%7C80%2345%23112%2310%2310%232000%23M%24M%23VDmT14lMI4g0sdAxTbIujmEIkkI%7C160%2390%23112%235%235%232000%23M%24M%23c1uKcYcKallke_fsXgoUOkSHnwA&errordetail=0
GOOD REQUEST
GET /get_video_info?html5=1&video_id=DldaCQby3j4&eurl=http%3A%2F%2Frubbish.com%2F&ps=native&el=embedded&hl=en_GB HTTP/1.1
Host: www.youtube.com
GOOD RESPONSE
HTTP/1.1 200 OK
Date: Fri, 23 Nov 2012 15:42:34 GMT
Server: gwiseguy/2.0
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Set-Cookie: use_hitbox=d5c5516c3379125f43aa0d495d100d6ddAEAAAAw; path=/; domain=.youtube.com
Set-Cookie: VISITOR_INFO1_LIVE=zG2n4ZwVAdY; path=/; domain=.youtube.com; expires=Sun, 21-Jul-2013 15:42:33 GMT
Expires: Tue, 27 Apr 1971 19:44:06 EST
Cache-Control: no-cache
P3P: CP="This is not a P3P policy! See //support.google.com/accounts/bin/answer.py?answer=151657&hl=en-US for more info."
Content-Type: application/x-www-form-urlencoded
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Transfer-Encoding: chunked
account_playback_token .... (chopped for brevity).
Could something to do with "claimed" videos. A contact at YouTube got back to us:
"The videos [that worked] are claimed and the others aren't, so
something in the claiming process is causing the issue."