Sending POST Requests using Postman (Chrome plugin), but receiving GET request - why? - jax-rs

I'm sending a POST request via POSTMAN, but my server (WebServer) is receiving it as a GET request - can anyone think why this can happen? Here is some info from Postman (part of the URL/hostnames anonymised):
POST /blaa/DescriptionEntities/description HTTP/1.1
Host: blaaa
Content-Type: application/x-www-form-urlencoded
Cache-Control: no-cache
Postman-Token: 3901995b-78a0-598f-40d2-83b09e09d12e
id=20&description=hi
The code:
@POST
@Path("description")
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
@Produces({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML})
public DescriptionEntity createDescriptionEntity(MultivaluedMap<String, String> map) {
    System.out.println(map.getFirst("id"));
    System.out.println(map.getFirst("description"));
    return null;
}
The Server (WebSphere):
No operation matching request path "/blaa/DescriptionEntities/description" is found, Relative Path: /description, HTTP Method: GET, ContentType: */*, Accept: */*,. Please enable FINE/TRACE log level for more details
Is anyone able to kindly help here? Not sure how to set the log level here either (I'm new to this). The relative path at the class level is "DescriptionEntities". Thanks so much.
EDIT- this is the whole class (minus import statements-it's completely experimental and ignore non related errors):
@Path("DescriptionEntities")
public class DescriptionEntityResource {
    private DescriptionEntityRepository descriptionEntityRepository = new DescriptionEntityRepository();

    @Path("description")
    @POST
    @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
    @Produces({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML})
    public DescriptionEntity createDescriptionEntity(MultivaluedMap<String, String> map) {
        System.out.println(map.getFirst("id"));
        System.out.println(map.getFirst("description"));
        return null;
    }
}
And the URL in Postman: http://blaa/DescriptionEntities/Description
EDIT: Server.xml
<server description="new server">
<!-- Enable features -->
<featureManager>
<feature>jndi-1.0</feature>
<feature>json-1.0</feature>
<feature>localConnector-1.0</feature>
<feature>appSecurity-2.0</feature>
<feature>ssl-1.0</feature>
<feature>servlet-3.1</feature>
<feature>jaxrs-2.0</feature>
<feature>jpa-2.1</feature>
<feature>jsf-2.2</feature>
<feature>jsp-2.3</feature>
</featureManager>
<httpEndpoint host="*" httpPort="80" httpsPort="443" id="defaultHttpEndpoint" sslOptionsRef="endpointSSLOptions"/>
<sslOptions id="endpointSSLOptions" sslRef="endpointSSL"/>
<ssl enabledCiphers="TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA256 " id="endpointSSL" keyStoreRef="customKeyStore"/>
<keyStore id="defaultKeyStore" password="annonymised"/>
<basicRegistry/>
<mimeTypes>
<type>svg=image/svg+xml</type>
</mimeTypes>
<httpSession useContextRootAsCookiePath="true" cookieSecure="true" />
<logging consoleLogLevel="INFO"/>
<applicationMonitor updateTrigger="mbean"/>
<webApplication id="annonymised" location="annonymised" name="annonymised"/>
</server>
EDIT: Network traffic (using fiddler):
POST /blaa/DescriptionEntities/description HTTP/1.1
Host: blaa
Connection: keep-alive
Content-Length: 20
Cache-Control: no-cache
Origin: chrome-extension://fhbjgbiflinjbdggehcddcbncdddomop
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.8
EDIT: The GET request:
GET /blaa/DescriptionEntities/description HTTP/1.1
Host: blaa
Connection: keep-alive
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36
Accept: */*
Accept-Encoding: gzip, deflate, sdch, br
Accept-Language: en-US,en;q=0.8
Cookie: [long cookie value removed]
EDIT: I have purged this little test project for now as I can't figure out what's wrong. I may try another time a little further down the line. Still curious as to what went wrong though so let me know if you spot anything obvious. Thanks everyone

Related

Download Page Txt using webclient vb.net

I'm trying to download a simple web page as text using WebClient, but I get a problem every time.
I think the problem is in the User-Agent, but when I set one for the WebClient I get the same problem.
The page's HTTP header capture:
GET /wp-json/binlist/v1/441442/?_wpnonce=335f68c9e2 HTTP/1.1
Host: binlist.org:443
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: _ga=GA1.2.1639241798.1540059335
User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.0.1617 Safari/537.36
HTTP/1.1 200
access-control-allow-headers: Authorization, Content-Type
access-control-expose-headers: X-WP-Total, X-WP-TotalPages
allow: GET
alt-svc: quic=":443"; ma=86400; v="43,39"
cache-control: max-age=0
content-encoding: gzip
content-length: 221
content-type: application/json; charset=UTF-8
date: Sat, 22 Jun 2019 10:02:14 GMT
expires: Sat, 22 Jun 2019 10:02:13 GMT
host-header: 192fc2e7e50945beb8231a492d6a8024
link: <https://binlist.org/wp-json>; rel="https://api.w.org/"
server: nginx
set-cookie: wpSGCacheBypass=0; expires=Sat, 22-Jun-2019 09:02:13 GMT; Max-Age=0; path=/
status: 200
vary: Accept-Encoding
x-cache-enabled: True
x-content-type-options: nosniff
x-proxy-cache: MISS
x-robots-tag: noindex
x-wp-nonce: 335f68c9e2
My code:
Private Sub Button4_Click(sender As Object, e As EventArgs) Handles Button4.Click
    Dim webClient As New System.Net.WebClient
    webClient.Headers("User-Agent") = "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0 (via ggpht.com GoogleImageProxy)"
    Dim result As String = webClient.DownloadString("https://binlist.org/wp-json/binlist/v1/441442/?_wpnonce=a7ddc554d3")
    RichTextBox3.Text = result
End Sub

Adding cache control directive to HTTP response header

I am trying to add Cache-Control: no-cache, no-store to HTTP response header. I put the following to Web.config:
<configuration>
<system.webServer>
<staticContent>
<clientCache cacheControlMode="DisableCache" />
</staticContent>
</system.webServer>
</configuration>
It yields Pragma: no-cache directive in the header.
CONNECT ...:443 HTTP/1.0
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko
Connection: Keep-Alive
Content-Length: 0
Host: ...
Pragma: no-cache
Is this equivalent to Cache-Control: no-cache? How do I change Web.config to produce Cache-Control: no-cache, no-store in the HTTP header on IIS 8.5? Thanks in advance.

Fine Uploader request to S3 results in InvalidAccessKeyId error

I have jquery fine-uploader 5.2.1 which I configured like this
<script type="text/javascript">
$(function() {
$('#fineUploader').fineUploaderS3({
template: 'qq-template',
request: {
endpoint: "https://MY-BUCKET.s3.amazonaws.com",
accessKey: "MY-AWS-KEY",
},
signature: {
endpoint: "/s3demo-cors.php"
},
uploadSuccess: {
endpoint: "index.html"
},
chunking: {
enabled: true,
mandatory: true,
}
});
});
</script>
and I have s3demo-cors.php where I modified these two lines only
$clientPrivateKey = 'MY AWS SECRET KEY';
$expectedBucketName = "MY-BUCKET";
When examining the flow, I can see signature getting generated correctly, then OPTIONS request is successfully made but then this request is made and results in 403 InvalidAccessKeyId response from amazon.
POST /8fbc7973-d054-41aa-a2af-f9c9d29569f0.jpg?uploads HTTP/1.1
Host: MY-BUCKET.s3.amazonaws.com
Connection: keep-alive
Content-Length: 0
x-amz-acl: private
Origin: https://MY-HOST
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.118 Safari/537.36 FirePHP/4Chrome
Content-Type: image/jpeg
Authorization: AWS MY-AWS-KEY:SIGNATURE
x-amz-meta-qqfilename: beautiful_scenery-1024x768.jpg
x-amz-date: Fri, 08 May 2015 15:02:58 GMT
Accept: */*
Referer: https://MY-HOST/fineuploader/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.8
X-FirePHP-Version: 0.0.6
X-Wf-Max-Combined-Size: 261120
I have the following in my CORS file
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedMethod>POST</AllowedMethod>
<AllowedMethod>PUT</AllowedMethod>
<AllowedMethod>DELETE</AllowedMethod>
<MaxAgeSeconds>3000</MaxAgeSeconds>
<ExposeHeader>ETag</ExposeHeader>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
</CORSConfiguration>
I am almost stuck at this point and will appreciate any insights of how I can debug this further.
Thanks!
UPDATE 1
Also in case it helps, for a single request, these are the headers that I am requested to sign
POST
image/jpeg
x-amz-acl:private
x-amz-date:Fri, 08 May 2015 15:19:52 GMT
x-amz-meta-qqfilename:beautiful_scenery-1024x768.jpg
/MY-BUCKET/bedbba49-ae0c-479d-b7a0-663bbd55cc53.jpg?uploads
And these the ones that are sent out
POST /bedbba49-ae0c-479d-b7a0-663bbd55cc53.jpg?uploads HTTP/1.1
Host: MY-BUCKET.s3.amazonaws.com
Connection: keep-alive
Content-Length: 0
x-amz-acl: private
Origin: https://MY-HOST
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.118 Safari/537.36 FirePHP/4Chrome
Content-Type: image/jpeg
Authorization: AWS MY-KEY:SIGNATURE
x-amz-meta-qqfilename: beautiful_scenery-1024x768.jpg
x-amz-date: Fri, 08 May 2015 15:19:52 GMT
Accept: */*
Referer: https://MY-HOST/fineuploader/index.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.8
X-FirePHP-Version: 0.0.6
X-Wf-Max-Combined-Size: 261120
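The signing step behind the headers in UPDATE 1, as an added example that is not part of the original post and not Fine Uploader's or s3demo-cors.php's code: it rebuilds the AWS Signature Version 2 string to sign (including the empty Content-MD5 and Date lines that the flattened listing above does not show) and derives the Authorization value. The credentials are constructed placeholders and the function names are hypothetical.

```python
import base64
import hashlib
import hmac


def string_to_sign(method, content_type, amz_headers, resource,
                   content_md5="", date=""):
    """Build the Signature Version 2 string to sign for an S3 REST request.

    `date` is left empty because the request carries x-amz-date instead.
    x-amz-* header names are lower-cased and sorted; `resource` is
    "/bucket/key" plus a signed sub-resource such as "?uploads".
    """
    canon = "".join(
        "%s:%s\n" % (name.lower(), value.strip())
        for name, value in sorted(amz_headers.items(),
                                  key=lambda item: item[0].lower()))
    return "\n".join([method, content_md5, content_type, date, canon + resource])


def authorization(access_key_id, secret_key, to_sign):
    """Return the value of the Authorization header: AWS <id>:<signature>."""
    mac = hmac.new(secret_key.encode("utf-8"), to_sign.encode("utf-8"),
                   hashlib.sha1)
    signature = base64.b64encode(mac.digest()).decode("ascii")
    return "AWS %s:%s" % (access_key_id, signature)


def demo():
    """Sign the request from UPDATE 1 with constructed placeholder credentials."""
    to_sign = string_to_sign(
        "POST", "image/jpeg",
        {"x-amz-meta-qqfilename": "beautiful_scenery-1024x768.jpg",
         "x-amz-date": "Fri, 08 May 2015 15:19:52 GMT",
         "x-amz-acl": "private"},
        "/MY-BUCKET/bedbba49-ae0c-479d-b7a0-663bbd55cc53.jpg?uploads")
    good = authorization("EXAMPLE-KEY-ID", "constructed-secret", to_sign)
    other_id = authorization("OTHER-KEY-ID", "constructed-secret", to_sign)
    other_secret = authorization("EXAMPLE-KEY-ID", "another-secret", to_sign)
    return to_sign, good, other_id, other_secret
```

The signature depends only on the secret key and the string to sign; the access key ID is sent next to it in clear and is not covered by the HMAC, which is why only the ID appears in the browser-side configuration while the secret stays in the server-side signer.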

MVC4 OpenID Provider Action is not invoked as per URI in XRDS

I am trying to develop an OpenID Provider for Single Sign On capability in my company. I have little experience with either MVC 4 or the DotNetOpenAuth library.
I am trying to build the provider based on the examples downloaded from http://www.dotnetopenauth.net/site.
My provider is not invoked by the relying party but it does not invoke the URI mentioned in the Xrds. The URI is being formed as
http://localhost:54589/OpenId/provider
but the action for this url (the Provider action) is not being invoked. If I access this URL directly from the browser then it shows the view in the browser.
Below is the Xrds
<?xml version="1.0" encoding="UTF-8"?>
<xrds:XRDS
xmlns:xrds="xri://$xrds"
xmlns:openid="http://openid.net/xmlns/1.0"
xmlns="xri://$xrd*($v*2.0)">
<XRD>
<Service priority="10">
<Type>http://specs.openid.net/auth/2.0/server</Type>
<Type>http://openid.net/extensions/sreg/1.1</Type>
<Type>http://axschema.org/contact/email</Type>
<URI>http://localhost:54589/OpenId/Provider</URI>
</Service>
</XRD>
</xrds:XRDS>
I am not sure whether this is an MVC problem OR I am not using DotNetOpenAuth correctly.
Update
On debugging I found that my MVC Razor Xrds.cshtml is being called, but the relying party does not redirect to the URI that exists in the Xrds. I also made sure that I am setting the Request.ContentType as application/Xrds+xml. Below is my code:
public ActionResult Index()
{
if (Request.AcceptTypes.Contains("application/xrds+xml"))
{
ViewData["OPIdentifier"] = true;
return RedirectToAction("Xrds");
}
return View();
}
public ActionResult Xrds()
{
ViewData["OPIdentifier"] = true;
Response.ContentType = "application/xrds+xml";
return View("Xrds");
}
When I see the request and response in Fiddler, it comes back with result 200 where it should be 302.
Does this mean that the Xrds is not going back to the relying party in the proper format?
Here is the Fiddler trace:
GET http://localhost:4856/login.aspx?ReturnUrl=%2fMembersOnly%2fDefault.aspx HTTP/1.1
Accept: image/jpeg, application/x-ms-application, image/gif, application/xaml+xml, image/pjpeg, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Referer: http://localhost:4856/
Accept-Language: en-GB
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Accept-Encoding: gzip, deflate
Host: localhost:4856
Connection: Keep-Alive
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
X-SourceFiles: =?UTF-8?B?QzpcVXNlcnNcbWFoZXNoLmNoYXVkaGFyaVxEb3dubG9hZHNcRG90TmV0T3BlbkF1dGgtNC4yLjIuMTMwNTVcRG90TmV0T3BlbkF1dGgtNC4yLjIuMTMwNTVcU2FtcGxlc1xPcGVuSWRSZWx5aW5nUGFydHlXZWJGb3Jtc1xsb2dpbi5hc3B4?=
X-Powered-By: ASP.NET
Date: Mon, 11 Mar 2013 08:59:07 GMT
Content-Length: 9430
------------------------------------------------------------------
POST http://localhost:4856/login.aspx?ReturnUrl=%2fMembersOnly%2fDefault.aspx HTTP/1.1
Accept: image/jpeg, application/x-ms-application, image/gif, application/xaml+xml, image/pjpeg, application/x-ms-xbap, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Referer: http://localhost:4856/login.aspx?ReturnUrl=%2fMembersOnly%2fDefault.aspx
Accept-Language: en-GB
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; InfoPath.3)
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
Host: localhost:4856
Content-Length: 964
Connection: Keep-Alive
Pragma: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/8.0
X-AspNet-Version: 4.0.30319
X-SourceFiles: =?UTF-8?B?QzpcVXNlcnNcbWFoZXNoLmNoYXVkaGFyaVxEb3dubG9hZHNcRG90TmV0T3BlbkF1dGgtNC4yLjIuMTMwNTVcRG90TmV0T3BlbkF1dGgtNC4yLjIuMTMwNTVcU2FtcGxlc1xPcGVuSWRSZWx5aW5nUGFydHlXZWJGb3Jtc1xsb2dpbi5hc3B4?=
X-Powered-By: ASP.NET
Date: Mon, 11 Mar 2013 08:59:14 GMT
Content-Length: 10382

So nginx is not interpreting folded headers correctly?

HTTP/1.1 header field values can be folded onto multiple lines if the continuation line begins with a space or horizontal tab. All linear white space, including folding, has the same semantics as SP. A recipient MAY replace any linear white space with a single SP before interpreting the field value or forwarding the message downstream. (quoted from here)
Here's my server side script, which just dumps the cookie content:
var_dump($_COOKIE);exit;
Here comes my test, please pay attention to the cookie part:
GET /logtest.php HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; zh-CN; rv:1.9.2.17) Gecko/20110420 AlexaToolbar/alxf-2.11 Firefox/3.6.17
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-cn,zh;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: GB2312,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Cookie: A=t;
artDate=t
Cache-Control: max-age=0
HTTP/1.1 200 OK
Server: iis/8.0
Date: Mon, 23 May 2011 12:38:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
X-Powered-By: PHP/5.3.2
Set-Cookie: ZDEDebuggerPresent=php,phtml,php3; path=/
27
array(1) {
["A"]=>
string(1) "t"
}
0
GET /logtest.php HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; zh-CN; rv:1.9.2.17) Gecko/20110420 AlexaToolbar/alxf-2.11 Firefox/3.6.17
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-cn,zh;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: GB2312,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Cookie: A=t;
artDate=t
Cache-Control: max-age=0
HTTP/1.1 200 OK
Server: iis/8.0
Date: Mon, 23 May 2011 12:38:11 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
X-Powered-By: PHP/5.3.2
Set-Cookie: ZDEDebuggerPresent=php,phtml,php3; path=/
27
array(1) {
["A"]=>
string(1) "t"
}
0
GET /logtest.php HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; zh-CN; rv:1.9.2.17) Gecko/20110420 AlexaToolbar/alxf-2.11 Firefox/3.6.17
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-cn,zh;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: GB2312,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Cookie: A=t;artDate=t
Cache-Control: max-age=0
HTTP/1.1 200 OK
Server: iis/8.0
Date: Mon, 23 May 2011 12:38:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
X-Powered-By: PHP/5.3.2
Set-Cookie: ZDEDebuggerPresent=php,phtml,php3; path=/
47
array(2) {
["A"]=>
string(1) "t"
["artDate"]=>
string(1) "t"
}
0
It's a known issue that doesn't have a high priority.
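The three ways a recipient can treat the folded Cookie header shown above, as an added example that is not part of the original thread and not nginx's or PHP's code. RFC 7230 later deprecated folding and requires a server either to reject such a request with 400 or to replace the fold with SP; the "naive" mode here only models the output seen in the question. The request bytes are constructed from the question's Cookie header with an assumed leading space on the continuation line, and all function names are hypothetical.

```python
# Constructed sample: the question's folded Cookie header, with an assumed
# single leading space on the continuation line.
RAW = (b"Host: localhost\r\n"
       b"Cookie: A=t;\r\n"
       b" artDate=t\r\n"
       b"Cache-Control: max-age=0\r\n")


class FoldedHeader(ValueError):
    """Raised in "reject" mode when a header block contains a fold."""


def parse_headers(raw, mode="unfold"):
    """Parse a CRLF-delimited header block into (name, value) pairs.

    mode="unfold": join a continuation line to the previous value with one SP.
    mode="reject": raise FoldedHeader so the caller can answer 400.
    mode="naive":  drop continuation lines (models the output in the question).
    """
    headers = []
    for line in raw.decode("latin-1").split("\r\n"):
        if not line:
            continue
        if line[0] in " \t":  # continuation line of a folded header
            if mode == "reject":
                raise FoldedHeader(line)
            if mode == "unfold" and headers:
                name, value = headers[-1]
                headers[-1] = (name, value + " " + line.strip(" \t"))
            continue
        name, sep, value = line.partition(":")
        if not sep or name != name.strip():
            raise ValueError("malformed header line: %r" % line)
        headers.append((name.lower(), value.strip(" \t")))
    return headers


def cookies(headers):
    """Split every Cookie header value into a name -> value dict."""
    jar = {}
    for name, value in headers:
        if name == "cookie":
            for pair in value.split(";"):
                key, eq, val = pair.strip().partition("=")
                if eq:
                    jar[key] = val
    return jar


def cookie_views(raw):
    """Cookies as seen by an unfolding parser and by a naive one."""
    return (cookies(parse_headers(raw, "unfold")),
            cookies(parse_headers(raw, "naive")))
```

When two hops in front of an application disagree like the two views returned by `cookie_views`, the proxy and the back end act on different cookies, so rejecting folded requests at the edge is the simpler policy to reason about.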