Sending GET request parameters in body - api

I have an API which accepts many parameters.
Passing the values of the parameters will exceed the length of the URL Header.
I am using Postman client to pass the parameters in the body but this is not working any ideas on how to make this work.
The API accepts many parameters because the backend is legacy and is exposed as an API by a service bus.

Older versions of Postman didn't allow you to send body data with get request.
Yet, if your server receives data as URL parameters you won't be able just to change the way of sending them and include them to the body (server won't accept them).
So if the length of parameters is indeed so big and the server indeed can receive the same data from body instead of from parameters then the Postman is just not the tool that you can use (maybe cURL is for you).
If your server allows to send data only as URL parameters and they are so long (more then 2000 chars What is the maximum length of a URL in different browsers?) then I think you have no chances to test this API.
UPDATE: new Version 7.20.1 now allows to send Body with GET request

Workaround:
Change the request type to POST.
Set the value of your body
Change request type to GET
Send request and the body is included

Postman is already added this feature of sending body in get
request.
But i still i recommended to go for post request (if body is present) since many projects like angular http client does't have updated protocols yet.

Latest Postman supports body object for Get request
just choose json format as shown in pic above

If you want to make a GET request in Postman then you can use Params or Body to pass parameters, but not both. Either Params only or Body only. If you specify both Params and Body, Postman will select and send only Params (in GET request of course). So if you want it to send Body, clear Params.

Related

HTTP response body for server command request

I am solving one question with my team about REST API specification.
We have a case where in some requests we are sending only some particular command via HTTP request for example : We are using POST (now considering PATCH request) to endpoint : /server/startSomeOperation . Backend developers told us that this request is only telling hardware to start some functionality on backend that affects the measurement of the user but it really has nothing to return. My question is :
Should we (according to some REST API specification) always return body of such a request when we know that no additional returned data will be needed except HTTP status code? Until now we were strictly following the rule that every request needs to have some sort of body returned but until now every body response even when it was a command to a server made sense.
Should we (according to some REST API specification) always return body of such a request when we know that no additional returned data will be needed except HTTP status code?
No - it is perfectly fine to send a 204 No Content or a 205 Reset Content when the semantics of your response is well aligned with the standard meaning of those codes.
You also have the option of declaring that the "representation of the status of, or results obtained from, the action" is zero bytes long, in which case you could use a 200 OK with a Content-Length header.

Is the difference between GET v POST in convention or by design?

Background:
Looking at some links like these below, I noticed two unique sets of descriptions for GET versus POST.
One description states that the difference is in how the information is sent: GET sends that information through the URL whereas POST sends that information through the HTTP request body.
Another description states that the difference is in which way that
information is sent: GET sends information to the server whereas POST
requests information from the server.
I find these descriptions to be lacking for the following reasons:
What if I want to get something from the server (GET) but I am sending a large amount of data first (eg. 50MB of text) so I would need to send it in the HTTP request body (POST). Would it be OK to use POST to get something from the server?
What if I don't want sensitive information to be stored in the URL, is it OK to instead use POST everytime?
The jquery GET function has the same method signature as the jquery POST function (see documentation), specifically it can also send data as A plain object or string that is sent to the server with the request, which I interpret as being added to the HTTP request body. If data for GET can be sent via the HTTP request body, then to me, this contradicts most of these sites that claim that as one of the differentiating descriptions of POST vs GET.
Nothing's to stop me from creating API endpoints which are GET but behave like POST (or PUT, or DELETE or PATCH)
Question:
Is the lack of strict descriptions because of my poor understanding, because of the ad hoc development process for HTTP/Ajax or is it something else entirely?
Supporting Links:
HTTP Request Methods
GET vs. POST
GET vs POST: Key Difference between HTTP Methods
jQuery - AJAX get() and post() Methods

How to use a Postman Mock Server

I have followed the guide here to create a postman mock for a postman collection. The mock seem to be successfully created, but I have no idea how to use the mock service.
I've been given a url for the mock, but how do I specify one of my requests? If I issue a GET request to https://{{mockid}}.mock.pstmn.io I get the following response:
{
"error": {
"name": "mockRequestNotFoundError",
"message": "We were unable to find any matching requests for the mock path (i.e. undefined) in your collection."
}
}
According to the same guide mentioned above the following url to "run the mock" https://{{mockId}}.mock.pstmn.io/{{mockPath}} but what exactly is mockPath?
Within my collection I have plenty of folders, and inside one of these folders I have a request with an example response. How do I access this example response through the mock? Thanks for all help in advance!
Here's the Postman Pro API, which doesnt mention a lot more than just creating reading mocks.
I had the same issue seeing an irrelevant error but finally I found the solution. Unfortunately I cannot find a reference in Postman website. But here is my solution:
When you create a Mock server you define your first request (like GET api/v1/about). So the Mock server will be created but even when you obtain your API key and put it in the header of request (as x-api-key) it still returns an error. It doesn't make sense but it turned out that defining the request is not enough. For me it only started returning a response when I added an Example for the request.
So I suggest for each request that you create, also create at least one example. The request you send will be matched with the examples you have created and the matched response will be returned. You can define body, headers and the HTTP status code of the example response..
I have no Pro Postman subscription and it worked for me using my free subscription.
Menu for adding an example or selecting one of them for editing:
UI for defining the example (See body, headers and status) :
How to go back to the request page:
Here is the correct reply I get based on my example:
If you request in the example is a GET on api.domain.com/api/foo then the mockPath is /api/foo and your mock endpoint is a GET call to https://{{mockid}}.mock.pstmn.io/api/foo.
The HTTP request methods and the the pathname as shown in the image below constitute a mock.
For ease of use the mock server is designed to be used on top of collections. The request in the examples is used as is along with response attached to it. The name of the folder or collection is not a part of the pathname and is not factored in anywhere when using a mock. Mocking a collection means mocking all the examples in within your collection. An example is a tuple of request and response.
An optional response status code if specified lets you fetch the appropriate response for the same path. This can be specified with the x-mock-response-code header. So passing x-mock-response-code as 404 will return the example that matches the pathname and has a response with status code of 404.
Currently if there are examples with the same path but different domains, and mock is unable to distinguish between them it will deterministically return the first one.
Also if you have several examples for the same query :
Mock request accept another optional header, x-mock-response-code, which specifies which integer response code your returned response should match. For example, 500 will return only a 500 response. If this header is not provided, the closest match of any response code will be returned.
Optional headers like x-mock-response-name or x-mock-response-id allow you to further specify the exact response you want by the name or by the uid of the saved example respectively.
Here's the documentation for more details.
{{mockPath}} is simply the path for your request. You should start by adding an example for any of your requests.
Example:
Request: https://www.google.com/path/to/my/api
After adding your mock server, you can access your examples at:
https://{{mockId}}.mock.pstmn.io/path/to/my/api

how to get request header and response header by webkitGTK

I want to get the request header before the webkitGTK begin to send request and load the page. Then I want to get the response headers. However, I don't find such API in webkitGTK.
In Webkit1 the signal you want is WebKitWebView::resource-request-starting: The request argument contains a WebKitNetworkRequest which has a SoupMessage which will allow you to modify the request headers. The same signal has resource argument which has a response-received which in turn will contain a WebKitNetworkResponse. The SoupMessage of that response will have the response headers you want.
In Webkit2GTK the WebKitWebView::resource-load-started should be useful for at least monitoring: request and resource arguments work almost like the WebKit1 versions. The bit that I'm not 100% sure about is whether you can modify the request headers here -- or if you have to implement a WebExtension and use the WebKitWebPage::send-request signal.

REST api request method input parameters

i've been researching/creating a REST api, in the backbone.js to php context.
i understand the concept of HTTP verbs and when they should be used
GET - select
POST - create
PUT - update
DELETE - delete
i also understand the concept of passing an identifier as a semantic url, e.g.
GET http://api/users/123
DELETE http://api/users/123
in these cases the "123" is the id the business logic will use to get/delete a user.
but what about the POST and PUT contexts? when sending a request to
PUT http://api/users/123
the api will update user id 123 with the supplied parameters, here's where my question arises.
i would assume the input parameters to update with would be sent as PUT parameters. in php syntax this is represented as: file_get_contents('php://input') (this is the same for delete requests.)
when testing this via backbone.js it works perfectly.
but when i try and create a new element with
POST http://api/users/
i would assume the input values would sent as POST parameters/ in php syntax this is represented as $_POST. but this does not work.
after some testing, and reading up on rails style REST apis (which is what the backbone docs suggest), i realized that all request variables are sent the same way. if i change my code to use file_get_contents('php://input') to get the request parameters for every request type, backbone works perfectly.
is this standard fair for REST apis? or just "rails flavored" ones?
PUT, POST, PATCH, etc (everything but GET and DELETE*) accept request bodies. Generally data is passed as either:
A URL encoded string of name/value pairs (exactly the same as a URL querystring) that is decoded and parsed by the server into $_POST (or similar depending on your web framework of choice). This typically relies on the presence of a Content-Type header set to application/x-www-form-urlencoded (browsers do this by default when forms are submitted). If you see the data in file_get_contents('php://input') but not $_POST it's very likely this header is not present or is set to another value. If you're using Chrome, you can see what headers and body the client is sending in the Network tab of the dev tools.
The other popular request body format is to use Content-Type: application/json and then write out a JSON string to the body. This can be accessed via file_get_contents('php://input') and then parsed with a JSON parser.
* Note on DELETE: it's a little unclear whether or not using a request body with DELETE is allowed or a good practice.