What uses Passbook's Logging Endpoint? - ios

I'm just beginning the implementation of my Web Service for passbook.
In the docs I see there's an optional endpoint for logs, but don't understand what uses/consumes this endpoint?
As far as I can tell, it's only used by humans who wish to check the logs.
For clarity, Apple's docs say the logs should be accessible via a
POST request to webServiceURL /version /log
but I can't see why we couldn't use a GET request to webServiceURL/version/myAppsLogs

According to the specification, Passbook will POST a JSON document to your logging endpoint. GET wouldn't allow submitting data. This JSON document will only have one key "logs" which is an array of strings. You need to respond only with an HTTP 200 status.
A sample communication would look like this:
POST /yourwebServiceURL/v1/log HTTP/1.1
Host: yourserver
Content-Type: application/json
Content-Length: 83
{
    "logs" : [
        "log message 1",
        "log message 2",
        "log message n"
    ]
}
HTTP/1.1 200 OK
Connection: Close

Passbook itself uses this URL if it finds an error in the pass, or in your implementation of the API. I definitely recommend logging everything that comes through this URL; the errors are pretty comprehensive, and it helped me find some problems I didn't know that I had.

You need to implement the
POST request to webServiceURL /version /log
so Passbook can upload logs to your server.
The GET call to fetch the logs depends on what you do when you receive the logs in the POST call. For example if you save them on a file, you can let the user (probably an admin user) download the file or a part of it.
If you save each POST action in a row in a database, you can send the last n rows...
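An added example, not part of the original answers: one way to handle the `{"logs": [...]}` body before storing it, treating the content as untrusted input. The function names, the size limits and the non-200 status codes for malformed requests are assumptions made for this sketch; the sample body is constructed.

```python
import json

MAX_BODY = 64 * 1024   # assumed cap on request size
MAX_ENTRIES = 200      # assumed cap on messages kept per request
MAX_LINE = 2000        # assumed cap on one stored message


def neutralize(text):
    """Escape ASCII control characters so one message cannot forge extra log lines."""
    out = []
    for ch in text[:MAX_LINE]:
        if ch == "\\":
            out.append("\\\\")          # keep the escaping unambiguous
        elif ord(ch) < 0x20 or ord(ch) == 0x7F:
            out.append("\\x%02x" % ord(ch))
        else:
            out.append(ch)
    return "".join(out)


def handle_log_post(method, content_type, body):
    """Return (http_status, lines_to_store) for a request to .../v1/log."""
    if method != "POST":
        return 405, []
    if content_type.split(";")[0].strip().lower() != "application/json":
        return 415, []
    if len(body) > MAX_BODY:
        return 413, []
    try:
        doc = json.loads(body.decode("utf-8"))
    except (UnicodeDecodeError, ValueError, RecursionError):
        return 400, []
    logs = doc.get("logs") if isinstance(doc, dict) else None
    if not isinstance(logs, list) or not all(isinstance(m, str) for m in logs):
        return 400, []
    return 200, [neutralize(m) for m in logs[:MAX_ENTRIES]]


# Constructed sample body in the shape shown above; the second message
# carries an embedded newline that would otherwise start a fake log record.
SAMPLE = json.dumps({"logs": [
    "log message 1",
    "log message 2\n2024-01-01 admin login ok",
]}).encode()

if __name__ == "__main__":
    status, lines = handle_log_post("POST", "application/json", SAMPLE)
    for line in [str(status)] + lines:
        print(line)
```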

Related

Fetch html response is not full via gatling,why?

I call an HTTP request. The response is HTML, but the response Gatling gets is incomplete. What should I do?
I think a part that I need is Gatling supported resources. It is under the tag 'table'.
The server may not be returning the complete response due to an error or a problem with the server-side code. In this case, you should check the server logs to see if there are any errors, and you should also check the HTTP response headers to see if there are any indications of what went wrong.
The HTTP request may be failing or being blocked by a firewall or other network security device. In this case, you should check the network logs to see if the request is being sent and received successfully, and you should also check any network security settings to ensure that the request is not being blocked.
The HTML response may not be well-formed or may be missing some elements, such as the 'table' element you mentioned. In this case, you should validate the HTML using a tool such as the W3C HTML Validator, and you should also check the HTML source to ensure that all required elements are present.
User issue, as concluded on the Gatling community forum.

What could cause a 400 Bad Request from Ceph that wouldn't influence the GET URL?

I've been stuck on this same 400 error for almost a week; if anyone can help I will be thrilled.
In the product I'm working with, there are two APIs. Call one API Joe and the other one Sean. So, Joe the API can already do the thing I'm trying to implement in Sean, which is having a route like /users/:user_guid/:date/files/:file_guid that pulls down files from Ceph. The files are stored in a bucket owned by a third service, but both Joe and Sean have been granted read permission.
So both Joe and Sean are using information in the route to construct a GET request to Ceph. They are also drawing from cephrgw.yml files to get a personalized secret access key for authentication.
The Ceph logs show the two APIs' requests being the same (when I request the same file) except for their personalized secret access key... but Joe gets a 200 and returns the file while Sean gets the mysterious 400 Bad Request without other specification. This led me to believe it was an authentication issue BUT here's the thing: If I comment out Joe's cephrgw.yml file and replace it with Sean's--so now Joe has Sean's secret access key and the GET requests are absolutely identical--Joe still gets a 200.
The logs show no difference between the requests but I'm getting a different result. I'm stumped. What could cause a 400 Bad Request from Ceph that wouldn't influence the GET URL?
Edit: this could be of use too. When I send the request from Sean in postman, I get back a 200 in Sean's logs; rails says everything went just fine since it successfully sent the request. But I get the 400 in Ceph and a weird xml error in postman that looks like this (blanks are names removed):
<?xml version="1.0" encoding="UTF-8"?>
<Error>
<Code>InvalidArgument</Code>
<RequestId>tx000000000000000019efd-006116fe6d-1879_____</RequestId>
<HostId>1879_______</HostId>
</Error>

How to do a server to server response to a POST

I am working on an old classic asp site that uses vbscript for the server code and HTML and JavaScript for the client end. I am communicating with an external server which handles the credit card payment details.
I have found loads of answers for getting the response from a POST to the server (both from the client using JavaScript and from our own website server using vbscript). However what I am failing to find is how to respond from my server to a POST made from the credit card gateway server.
The sequence goes something like this:
I post all the transaction details to the gateway server
They immediately respond with a success status, a security key, a transaction ID, and a URL to which I must immediately redirect.
They then send a 'notification' post to a URL, that I gave in the first post, with an MD5 hash made up from details of the transaction and, importantly, the security key. I must generate the same MD5 hash and check that it matches. This is obviously to confirm that the initial transaction has not been compromised in any way.
Having done the security check I am required to respond: "When we receive your response to our notification POST, we determine where to direct your customers browser based on your response Status:"
That last stage is the one I am struggling with. I'm sure it's something really simple and silly but I just can't find any information anywhere. I have found lots of stuff on HTTPResponse but that all seems to be getting the response from a POST that I have made (and I have used this in the earlier stages) whilst here I am wanting to generate a response to a POST I have received. Note this must all be done at my server end as the credit card gateway have the IP address of our server and will only accept these transactions from that IP address therefore none of this can be sent from the customer's browser.
Sorry if this is really dumb! I am a C++ developer not a web developer but, as is the way with these things, I am having to do this bit of web development!
What you are talking about here is a consumer (the Gateway server) sending a POST request to an endpoint on your web application, which you should handle just the same as if you were receiving a POST from a local request; the process is the same.
Here is a basic example:
<%
'Expect only POST data to this page
If UCase(Request.ServerVariables("REQUEST_METHOD") & "") = "POST" Then
    'Craft your response
    Call BuildResponse()
Else
    'Anything other than a POST should be met with a 404 response.
    Response.Status = "404 Not found"
End If
Call Response.End()
'Sub for crafting your response.
Sub BuildResponse()
    'Do we have a form field of "somevalue" with a value of "yes"?
    If LCase(Request.Form("somevalue") & "") = "yes" Then
        Call Response.Write("Hello world - Valid")
    Else
        Call Response.Write("Hello world - Invalid")
    End If
End Sub
%>
This is just a basic example that expects a form post parameter of "somevalue" with a value of "yes". Based on this it returns a conditional response.
Obviously, you will need to pad out the response based on your requirements but this should give you some idea of how to structure it.
Side-note: As you won't be the consumer yourself it might be an idea to output a text file or set up an email that reports the passed form parameters to help you debug what the consumer is POSTing to the page to help you work out how to handle the request and generate a valid response the consumer expects.
Useful Links
How to check form submission ASP classic
ASP - Printing the entire request contents
How to create a new text file with asp?
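An added example, not from the original thread and written in Python rather than VBScript: the check-then-respond step the question describes, where the reply to the gateway is simply the body of the HTTP response to its notification POST. The field names, the hash field order, the `Status=` reply format and the key store are all assumptions; the real ones come from the gateway's specification.

```python
import hashlib
import hmac

# Hypothetical store written when the gateway answered the first POST:
# transaction ID -> security key. The key never appears in the notification.
SECURITY_KEYS = {"TX-1001": "k3y-constructed"}

# Assumed field order for the hash input.
HASH_FIELDS = ("TransactionId", "Status", "Amount")


def expected_hash(form, security_key):
    """MD5 over the assumed fields followed by the stored security key."""
    parts = [form.get(name, "") for name in HASH_FIELDS] + [security_key]
    return hashlib.md5("".join(parts).encode("utf-8")).hexdigest().upper()


def handle_notification(method, form):
    """Return (http_status, body) to send back to the gateway's POST."""
    if method != "POST":
        return 405, ""
    key = SECURITY_KEYS.get(form.get("TransactionId", ""))
    if key is None:
        return 200, "Status=ERROR\r\n"      # unknown transaction
    supplied = form.get("Hash", "").upper()
    # Constant-time comparison of the supplied and recomputed hashes.
    if hmac.compare_digest(supplied.encode(), expected_hash(form, key).encode()):
        return 200, "Status=OK\r\n"
    return 200, "Status=INVALID\r\n"        # hash mismatch: details were altered


def sample_notification():
    """Constructed notification carrying a correct hash."""
    form = {"TransactionId": "TX-1001", "Status": "OK", "Amount": "10.00"}
    form["Hash"] = expected_hash(form, SECURITY_KEYS["TX-1001"])
    return form


if __name__ == "__main__":
    good = sample_notification()
    print(handle_notification("POST", good))
    print(handle_notification("POST", dict(good, Amount="1.00")))
```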

Jersey Client: Authentication fails at redirect by Jenkins

I am attempting to use the REST api of Jenkins. Jenkins requires a POST request to a URL to delete a job. This results in the following:
I tell my chosen Client to send a POST to the appropriate URL.
The client sends a POST and authorizes itself with username and password.
Jenkins deletes the job.
Jenkins returns a "302 - Found" with the location of folder containing the deleted job.
Client automatically sends a POST to the location.
Jenkins answers with "200 - OK" and the full HTML of the folder page.
This works just fine with Postman (unless I disable "Automatically follow redirects" of course).
Jersey however keeps running into a "404" at step 5 because I blocked anonymous users from viewing the folder in question. (Or a "403" if I blocked anonymous users altogether.)
Note that the authentication works in step 1 because the job has been deleted successfully!
I was under the impression that Jersey should use the given authentication for all requests concerning the client.
Is there a way to actually make this true? I really don't want to forbid redirects just to do every single redirect myself.
To clarify: The problem is that Jersey follows the redirect but fails to authenticate itself again, leading to the server rejecting the second request.
Code in question:
HttpAuthenticationFeature auth = HttpAuthenticationFeature.basicBuilder()
        .credentials(username, token)
        .build();
Client client = ClientBuilder.newBuilder()
        .register(auth)
        .build();
WebTarget deleteTarget = client.target("http://[Jenkins-IP]/job/RestTestingArea/job/testJob/doDelete");
Response response = deleteTarget.request()
        .post(null);
EDIT: The "302-Found" only has 5 headers according to Postman: Date, X-Content-Type-Options ("nosniff"), Location, Content-Length (0) and Server. So neither any cookies nor any tokens that Postman might use and Jersey disregard.
Question loosely related to this one - if I were able to log the second request I might be able to understand what's happening behind the scenes.
EDIT2: I have also determined that the problem is clearly with the authentication. If I allow anonymous users to view the folder in question, the error disappears and the server answers with a 200.
I found the answer with the help of Paul Samsotha and Gautham.
TL;DR: This is intended behavior and you have to set the System property http.strictPostRedirect=true to make it work or perform the second request yourself.
As also described here, HttpURLConnection decided to not implement a redirect as it is defined in the HTTP standard but instead as many browsers implemented it (so in layman's terms, "Do it like everyone else instead of how it is supposed to work"). This leads to the following behavior:
Send POST to URL_1.
Server answers with a "302 - Found" and includes URL_2.
Send GET to URL_2, dropping all the headers.
Server answers with a "404 - Not Found" as the second request does not include correct authentication headers.
The "404" response is the one received by the code, as steps 2 and 3 are "hidden" by the underlying code.
By dropping all headers, the authentication fails. As Jersey uses this class by default, this led to the behavior I was experiencing.
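An added example, not from the original thread and written in Python rather than Java: a sketch of the "perform the second request yourself" option, which decides the follow-up request and re-attaches the Authorization header only when the redirect stays on the same origin. The function names, host names and header value are constructed for illustration.

```python
from urllib.parse import urljoin, urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}

# Constructed URL in the shape of the one in the question.
SAMPLE_URL = "http://jenkins.example/job/RestTestingArea/job/testJob/doDelete"


def origin(url):
    """(scheme, host, port) with the default port filled in."""
    p = urlsplit(url)
    scheme = p.scheme.lower()
    return scheme, (p.hostname or "").lower(), p.port or DEFAULT_PORTS.get(scheme)


def plan_followup(method, url, status, location, auth_header):
    """Return (method, url, headers) for the request after a redirect,
    or None when the response is not a redirect with a usable Location."""
    if status not in (301, 302, 303, 307, 308) or not location:
        return None
    target = urljoin(url, location)          # Location may be relative
    if urlsplit(target).scheme.lower() not in DEFAULT_PORTS:
        return None
    if status in (307, 308):
        next_method = method                 # these codes keep the method
    elif status == 303:
        next_method = method if method == "HEAD" else "GET"
    else:
        # 301/302 after a POST are followed with GET, as in the steps above.
        next_method = "GET" if method == "POST" else method
    headers = {}
    # Re-send credentials only to the origin they were configured for.
    if auth_header and origin(target) == origin(url):
        headers["Authorization"] = auth_header
    return next_method, target, headers


if __name__ == "__main__":
    auth = "Basic constructed-token"
    print(plan_followup("POST", SAMPLE_URL, 302, "/job/RestTestingArea/", auth))
    print(plan_followup("POST", SAMPLE_URL, 302, "http://other.example/job/", auth))
```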

Sending parameter with POST requests ,when content-type is multipart/form-data

I am new to JMeter. I am trying to create a test plan; one of the requests is a POST request containing some parameters, and the content type in the request header is multipart/form-data.
I am copying the headers/parameters from Fiddler because the HTTP proxy recorder is not working.
Please see the image for the current settings I have. I am not able to get the required response using it.
As per HTTP Request Sampler Documentation
Use multipart/form-data for HTTP POST
Use a multipart/form-data or application/x-www-form-urlencoded post request
So all you need to do is:
Tick "Use multipart/form-data for POST" box
Remove all "Content-Disposition" lines
In regards to "proxy recorder not working", I have never experienced any problems with it so it might be misconfiguration or something like this. Some people find JMeter Chrome Extension easier to use.
Instead of copying the content-disposition etc., just send the parameters with name and you should be good. You are expected to send form data and its value.
Ideally it should look like this: the name should be just 'form' and its value 'buy-now'.
I would suggest you compare the requests that you are sending using developer tools and the request you are sending using JMeter, it will help you debug this quicker.
I hope it helps.
