i'm running out of attempts... just got this "you are doing that too much. try again in 27 minutes." so I thought I would come here and ask.
This is the request I'm sending
URL:
http://www.reddit.com/api/login/
Headers:
User-Agent: "Reddit test app"
POST DATA:
user=USERNAME&passwd=PASSWORD&api_type=json
Putting the parameters in the URL instead... strangely works! I would like to avoid this though as it may not be safe to pass the password in the URL.
e.g. http://www.reddit.com/api/login/?user=USERNAME&passwd=PASSWORD&api_type=json
Another question... how do I access /api/v1/me/ ?
Tried passing modhash as a GET/POST parameter, and also by passing "uh" as a Header. None of them work.
Any ideas what I'm doing wrong? Thanks! :)
First, you can use https://ssl.reddit.com for login. That makes the concern about passing parameters as part of the URL unnecessary.
Second, /api/v1/me/ can only be used with OAuth2 access that has the 'identity' scope. It cannot be accessed from a logged in session.
As to why your POST request isn't working, you probably have incorrectly encoded the POST data. Try POSTing your data to http://httpbin.org/post and see if you get the expected results back.
i know its an old question, but just want to add an answer just in case some is referred here. I think the problem lies in not using the "content-type" in the header, as a result of which the post data is getting processed correctly. I was making the same mistake and a call ".setRequestHeader("Content-type","application/x-www-form-urlencoded");" fixed it. I think everyone is using frameworks like jQuery that must be doing this internally.
Related
A company is asking me to do an Angular assignment. They provide the following instructions, but the API URL doesn't work:
Create a single page angular application and use the following API to retrieve sports results and sort into a table of results that are displayed. Each sport result contains several data and always includes the publication time.
Method: POST
Content-Type: application/json
Url: https://ancient-wood-1161.getsandbox.com:443/results
Tasks:
-Display the sports results in reverse chronological order on the page.
-Add a filter to the page to display only certain types or events (e.g. f1Results)
-How can you confirm the code works?
-Bonus: Implement the rest call asynchronously
You can click the URL https://ancient-wood-1161.getsandbox.com:443/results right now and see that it doesn't work - it returns {"errors":[{"message":"Error processing request"}]} and in Angular it gives me a standard CORS error.
I asked the company to please send a working URL and/or update the API to accept requests from everywhere. Their response was:
*guy's name* confirmed it worked. It is a post and the content type is json.
Can you use a POST request to GET data?
Absolutely. Take for example your avg Login Request that returns an access token for instance. It is going to be a POST as POST also has a bit more security than GET given that the payload is in the body rather than the URL string.
As for their excuse of it not working, try it in postman and see if the same issue still occurs. If it still does then ask them where did they test their API as if it is on prem then no duh the CORS would work. It is most likely not a company you would want to work for.
Yes, you can. On some cases it may be necessary, since GET doesn't take a body while POST does. So it can get you around things like URL length limits.
Been having this issue for a little while now. i have set up the category_create_post functionality in the categoryController. i believe everything is done correctly by the looks of it. and also set up the category_form.ejs to take in the users input however whenever i submit the form it throws an err saying the category name and description is blank. not able to understand or see why.
thanks
Edit: SOLVED
Make sure your headers are set correctly especially Content-Type. This heavily depends on the request API you use and the backend. I usually use axios as my request API.
I'm trying to make a React app for a project that pulls data from an existing API, and I got stuck on something that I have no idea why it's happening. I'll try to explain it:
I have three different files which are supposed to be working together: two components (one called SearchOffers and the other called OfferResults) and a file (get-data) to keep the request functions.
Inside get-data there is a function called getJSON that given an URL and its parameters returns the JSON provided by that request. I've made an example right after the function to prove that it works just fine.
The issue here is that whenever I try to fill the forms on SearchOffers and hit send, the console outputs Invalid content-type.
Expected application/json but received text/html; charset=UTF-8. Even though it's a known error, I don't understand why when I execute the function separately I get a normal JSON from the request but here I get a text/html.
I know the code is quite big, but neither me nor my teacher have no clue why this is happening. If anyone could please help me out, I'd appreciate it a lot!
This is not a duplicate of questions such as this, but rather the opposite: I have a form that I'm submitting via jQuery
$('<form>', {
action : 'service',
method : 'post',
target : '_blank'
}).append(
$('<input>', {
type : 'hidden',
name : 'payload',
value : JSON.stringify(payload)
})
).appendTo('body').submit().remove();
This is done so that I can open a different page with HTML.
Since I need to submit quite a lot of complex information, what I actually do is serialize them all into a big JSON string, then create a form with only one field ("payload") and submit that.
The receiving end has a filter that goes like this:
if the method is POST,
and there is only one submitted variable,
and the name of that one variable is "payload",
then JSON-decode its value and use it to create fake GET data.
So when the GET data grows too much I can switch methods without modifying the actual script, which notices no changes at all.
It always worked until today.
What should happen
The server should receive a single POST submission, and open the appropriate response in a popup window.
What actually happens instead
The server does receive the correct POST submission...
...apparently ignores it...
...and immediately after that, the browser issues a GET with no parameters, and it is the result of that parameterless GET that gets (pardon the pun) displayed in the popup window.
Quite unsurprisingly, this is always a "You did not submit any parameters" error. Duh.
What I already did
verified that this method works, and has always worked for the last couple of years with different forms and different service endpoints
tried replacing the form with a hardcoded <FORM> in HTML, without any jQuery whatsoever. Same results. So, this is not a jQuery problem.
tried with different browsers (it would not have helped if it only worked on some browsers: I need to support most modern browsers. However, I checked. Luckily, this failure reproduces in all of them, even on iPhones).
tried sending few data (just "{ test: 0 }").
tried halting the endpoint script as soon as it receives anything.
checked Stack Overflow. I found what seems to be the same problem, in various flavours, but it's of little comfort. This one has an interesting gotcha but no, it does not help.
checked firewalls, proxies, adblockers and plugins (I'm now using plain vanilla Firefox).
called the IT guys and asked pointed questions about recent SVN commits. There were none.
What I did not yet do
Check the HTTPS conversation at low level (I don't have sufficient access).
Compared the configuration, step by step, of a server where this works and the new server where it does not.
Quite clearly, put my thinking hat on. There must be something obvious that I'm missing and I'm setting myself up for a sizeable facepalm.
Use a tool like hurl.it or Postman to manually send a request to the server. The tools will nicely display the response from the server including all HTTP headers. I suspect the server responds with a redirect (Status code 30X) which leads to a GET request being issued after the POST completes.
Update: HTTP redirects
HTTP redirects do not necessarily use the same HTTP method or even the same data to issue a request to the redirect target. Especially for non-idempotent requests this could be a security issue (you don't generally want your form submission to be automatically re-submitted to another address). However, HTTP gives you both options:
[...] For this reason, HTTP/1.1 (RFC 2616) added the new status codes 303 and 307 [...], with 303 mandating the change of request type to GET, and 307 preserving the request type as originally sent. Despite the greater clarity provided by this disambiguation, the 302 code is still employed in web frameworks to preserve compatibility with browsers that do not implement the HTTP/1.1 specification.
[from Wikipedia: HTTP 302]
Also for 301s:
If the 301 status code is received in response to a request of any type other than GET or HEAD, the client must ask the user before redirecting.
[from Wikipedia: HTTP 301]
I am attempting to build a reader for Tiny Tiny RSS and am stuck almost at square one. I'm setting the app up to use ajax via prototype.js (1.6.1) and am attempting a simple login to the app to retrieve a key.
Here's what I have so far:
new Ajax.Request(Api.BASE_URL, {
method: "get",
parameters: {"op": "login", "user": "user", "password": "password"},
onSuccess: authSuccess,
onFailure: failure
})
Where Api.BASE_URL is defined as "http://tt-rss.example.com/api/"
When I try to log in I get the error response "NOT_LOGGED_IN", which appears to indicate that the api either does not recognize the op call that I am using, or the parameters are wrong, or something.
What is particularly odd is that this should be equivalent to the CURL command:
curl -d '{"op":"login","user":"user","password":"password"}' http://tt-rss.example.com/api/
Which works properly. I get the feeling that I am missing something incredibly simple, but am not sure what it is. Any help would be much appreciated.
In addition to the get vs post error, it turns out that the problem was that I was trying to pass a complex json object using the wrong ajax option.
I tested with a simpler function call (isloggedin), so my json object was defined as:
parameters: {"op": "isloggedin"},
When I used the "parameters" ajax option, the request was sending raw data in the form of:
op=isloggedin&_=
Which was getting rejected.
On the other hand, the raw data from cURL looked like:
{"op":"isloggedin"}
Which was working.
This post put me on the right track. I needed to use "postBody" instead of "parameters" to send the data properly. My final command wound up looking like this:
postBody: '{"op": "isloggedin"}',
And it worked. Also, apparently in this case type of quotes does matter. If I used single quotes on the outside, it worked. If I used double quotes on the outside if failed.
Your curl command sends data in a POST request, whereas the Ajax call uses the GET method. According to the tt-rss API documentation, older versions supported both GET and POST, but now data must be encoded using JSON in HTTP POST data.