The request entity body has an incorrect value in the 'Content-Disposition' header. The expected format for this value is 'Content-Disposition: - onedrive

I have tried multiple HTTP APIs to post a file to OneDrive using the POST method, and I am getting always the same error.
I went to the extreme case of creating my own SSL TCP socket and send the following bytes:
POST /v5.0/folder.a4fb14adbccd1917.A4FB14ADBCCD1917!32089/files HTTP/1.1
Accept-Encoding:
Authorization: Bearer eWciaQ1DBAAUGCCXc8wU/zFu9QnLdZXy%2bYnElFkAAXA4AJqTmiPoOUADOkV98mAdpBZp8SeF0zjYzU4%2bVa0fVR/aWr4X0cHWAzEF7s7HBEABBptxlWcKHEyrgKfbH2YbADpxEjU0gRrOz37WInvPSgFVD8BZ9GtCQwdHh3GUXunbM/Nlqh1TIzELMJYuPEgaEBBWT25f8SoKziZi2kPVlZDPokjJBq2bxrYcAWydDK74ivuiuDGkX4hMpmWZmWtergEybpN2EgObHQa8O3GT2a9ta2hps0ElCv0GkhWG/u1t19/xjokW2dNbbsJ01A9iJkMYXhaMTYg71sGjqzHdXjAJf0hXNg8NiIOTy82MlHqEwCwEyzfXOSGddt0cLkIDZgAACEDf3skftS5%2bWAHGkGlcwFj4DRlrn3/F2DvOZWgyeITjkWfzdx%2b4B8m5olyO5oYKWf77zjVxnUkJ50cIOVCJq/OgnV1kMGB45EExY3%2b3T9JjN0rm91doGnuFGj1m/vuzVN3eP5f3Jr0hMvXbMpzFBImV/c/5SU5esBzA1zas9xt%2bKEi0rriVSqHS4QI4Bps3RN5KpQd4yrNxcTDi%2b9b9AkUVQB%2bxeW5lWGuR5YvaAOHhcePRqNqT2MY7c1zQMoa/C7E63FuOoSdr0KPJbsDKl8aXEt9vT/6A8BK0MnY%2b7MJ1cZaFL%2bhvK0lfI4Z6LJa/3Ayy%2bPt8%2bOc8gNP1Mu/1RCdOT8K1PxwhnvUIE8cnRyI28LUm%2bWUCnurRCNMNBorhZu64JxqOC1EGOja6wNcyI%2bw3TQ1dorDJWN91qENQAxxBMpl1LWdp548kDJcEPwxI4SkXQKnvWcxW1vCZY90SHzruvNmb
Content-Length: 197
Content-Type: multipart/form-data; boundary=8381f8b9-b470-43ce-b23b-f13cf5840014
Host: apis.live.net
Connection: Keep-Alive
Cache-Control: no-cache
--8381f8b9-b470-43ce-b23b-f13cf5840014
Content-Length: 9
Content-Type: application/octet-stream; charset=UTF-8
Content-Disposition: form-data; name="file"; filename="hello.txt"
xxxxxxxxx
--8381f8b9-b470-43ce-b23b-f13cf5840014--
And I always get the following bytes back:
HTTP/1.1 400 Bad Request
Cache-Control: private, no-cache, no-store, must-revalidate
Content-Length: 276
Content-Type: application/json; charset=UTF-8
Server: Live-API/18.105.8117.3007 Microsoft-HTTPAPI/2.0
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
X-MSNSERVER: BY3301____PAP073
X-Content-Type-Options: nosniff
X-HTTP-Live-Request-Id: API.f06af310-9b49-4cbf-bf71-8c9d79570ec9
X-AsmVersion: UNKNOWN; 18.105.0.0
Date: Mon, 06 Oct 2014 21:37:15 GMT
{
"error": {
"code": "request_body_invalid",
"message": "The request entity body has an incorrect value in the 'Content-Disposition' header. The expected format for this value is 'Content-Disposition: form-data; name=\"file\"; filename=\"[FileName]\"'."
}
}
All of this happened after I tried to answer this SO question.
Any idea?
UPDATE: I used the onedrive-api tag as recommended in the MSDN forums.

Try putting the Content-Disposition header as the first header after the boundary, followed by the Content-Type:
--8381f8b9-b470-43ce-b23b-f13cf5840014
Content-Disposition: form-data; name="file"; filename="hello.txt"
Content-Type: application/octet-stream; charset=UTF-8
You may need to omit the Content-Length as well to make it work. Pretty fragile really.

Related

How to get the right ACCESS_TOKEN in YouTube APIv3?

Working with YouTube Data API v3
I want to get Access token using this tutorial: https://developers.google.com/youtube/v3/guides/auth/server-side-web-apps
[[CODE]] :
4%2F0AdQt8qiarZnP_RFvafYA-ABLABLA*UpZ6YlB1_Byzrvqfm9iRthXll6F6TfG_f-cGw
[[CLIENT_ID]] :
27501137863BLABLA*sd2918n2gqqclurlegm6j2.apps.googleusercontent.com
[[CLIENT_SECRET]] :
GOCSPX-T0lF1yVLJ*BLABLAGgfL7qvcwB5p
I send a POST request:
screenshot: https://i.imgur.com/9DzF4aK.png
I get a 400 error, What's wrong?:
Status: 400
Pragma: no-cache
Date: Thu, 11 Aug 2022 18:14:44 GMT
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Content-Type: application/json; charset=utf-8
Vary: X-Origin
Vary: Referer
Server: scaffolding on HTTPServer2
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Accept-Ranges: none
Vary: Origin,Accept-Encoding
Transfer-Encoding: chunked
{
"error": "redirect_uri_mismatch",
"error_description": "Bad Request"
}```
Your endpoint is wrong to start with its https://oauth2.googleapis.com/token Thats why you are getting a 404
POST /token HTTP/1.1
Host: oauth2.googleapis.com
Content-Type: application/x-www-form-urlencoded
code=4/P7q7W91a-oMsCeLvIaQm6bTrgtp7&
client_id=your_client_id&
client_secret=your_client_secret&
redirect_uri=https%3A//oauth2.example.com/code&
grant_type=authorization_code
You may want to try watching this Understanding Google OAuth 2.0 with curl or this How to set up Oauth2 in PostMan. although im not sure if what you are using is postman or not.

Karate multi part file upload getting error from Mulesoft

Mulesoft is rejected a file upload saying:
"Unable to get name from form-data"
According to this link: MuleSoft Support they suggest naming convention of
following: Content-Disposition, instead of what is being sent as content-disposition.
Feature:
Given url 'https:someurlpath'
And header Authorization = 'Basic ' + 'feefff'
And header Content-Type = 'multipart/form-data'
And header Accept-Encoding = 'gzip, deflate, br'
And multipart field callingApplicationName = 'Karate'
And multipart file binaryContent = { read: 'response.tif', filename: 'response.tif', contentType: 'image/tiff' }
And multipart field properties = '[{"displayName":"SR Number","value":["1234","12345"]},{"displayName":"Document Type","value":"CLAI"},{"displayName":"Ingestion Source","value":"FILENETTOOLS"},{"displayName":"Received Date","value":"2022-01-14T00:52:50.837650Z"},{"displayName":"Pages","value":"0"}]'
When method Post
Then status 200
And print response
And match response.status == 'ACTIVE'
Here is the request:
1 > POST https://api.maha.com/documents-process-api/v1/documentC/specialR/documents/
1 > Authorization: Basic foooooooobooooooo
1 > Content-Type: multipart/form-data; boundary=231ef49a739286f9
1 > Accept-Encoding: gzip, deflate, br
1 > Content-Length: 214420
1 > Host: api.maha.com
1 > Connection: Keep-Alive
1 > User-Agent: Apache-HttpClient/4.5.13 (Java/14.0.2)
content-disposition: form-data; name="callingApplicationName"; filename=""
content-type: text/plain; charset=UTF-8
content-length: 6
Completed: true
IsInMemory: true
Mixed: content-disposition: form-data; name="binaryContent"; filename="response.tif"
content-type: image/tiff; charset=UTF-8
content-length: 213642
Completed: true
IsInMemory: false
RealFile: /Users/req/workspace/hlx/sasquatch-automated-tests/src/test/groovy/com/maha/gpa/document/storage/service/response.tif DefaultDeleteAfter: true
content-disposition: form-data; name="properties"; filename=""
content-type: text/plain; charset=UTF-8
content-length: 278
Completed: true
IsInMemory: true
Yes this is a known issue with a workaround, refer this thread please: https://github.com/karatelabs/karate/issues/1647
Meanwhile you are most welcome to contribute code to Karate to fix this :)

Google safe browsing API not returning threat URLs

I'm sending requests to the Google safe browsing API. I believe I'm following their documentation correctly. I've tried regenerating my key.
I'm sending the request below
POST https://safebrowsing.googleapis.com/v4/threatMatches:find?key=AIxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx HTTP/1.1
User-Agent: Fiddler
Host: safebrowsing.googleapis.com
Content-Length: 511
{
"client": {
"clientId": "yourcompanyname",
"clientVersion": "1.5.2"
},
"threatInfo": {
"threatTypes": ["MALWARE", "SOCIAL_ENGINEERING"],
"platformTypes": ["WINDOWS"],
"threatEntryTypes": ["URL"],
"threatEntries": [
{"url": "http://www.urltocheck1.org/"},
{"url": "http://malware.testing.google.test"},
{"url": "http://www.urltocheck2.org/"},
{"url": "http://www.urltocheck3.com/"}
]
}
}
And getting back an empty response which is not what I'm expecting with the URLs supplied and following their example.
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
Date: Wed, 08 Sep 2021 15:05:59 GMT
Server: scaffolding on HTTPServer2
Cache-Control: private
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Accept-Ranges: none
Vary: Accept-Encoding
Content-Length: 3
{}
https://transparencyreport.google.com/safe-browsing/search?url=malware.testing.google.test
https://developers.google.com/safe-browsing/v4/lookup-api
You need to pass API key
You need to pass MALWARE url": "http://www.urltocheck1.org/"
if it is not malware it will show empty. try the following url
https://testsafebrowsing.appspot.com/s/malware.html with your code. please search and test with other maleware site

How to retrieve a list of Github issues using Postman API

I'm using Postman to test pulling a list of issues from my Github
In command line I can do the following
curl -i -H 'Authorization: token <mytoken>' \
https://api.github.com/user/issues
which I think it returning an empty block:
HTTP/1.1 200 OK
Server: GitHub.com
Date: Tue, 04 Oct 2016 22:01:26 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 5
Status: 200 OK
X-RateLimit-Limit: 5000
X-RateLimit-Remaining: 4988
X-RateLimit-Reset: 1475621615
Cache-Control: private, max-age=60, s-maxage=60
Vary: Accept, Authorization, Cookie, X-GitHub-OTP
ETag: "db74aad51113746c20473c4cf2b08bde"
X-OAuth-Scopes: gist, notifications, repo, user
X-Accepted-OAuth-Scopes:
X-GitHub-Media-Type: github.v3
Access-Control-Expose-Headers: ETag, Link, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval
Access-Control-Allow-Origin: *
Content-Security-Policy: default-src 'none'
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-XSS-Protection: 1; mode=block
Vary: Accept-Encoding
X-Served-By: cee4c0729c8e9147e7abcb45b9d69689
X-GitHub-Request-Id: 520E2ADF:3E4D:3650D52:57F426B6
[
]
So I am testing it in Postman, but whilst I can do a simple token GET request, i'm getting the following in Postman
{
"message": "Not Found",
"documentation_url": "https://developer.github.com/v3"
}
I had missed adding the scope for the Application Token I had setup
https://developer.github.com/v3/oauth/

jquery.ajax() POST receives empty response with IE10 on Nginx/PHP-FPM but works on Apache

I use a very simple jquery.ajax() call to fetch some HTML snippet from a server:
// Init add lines button
$('body').on('click', '.add-lines', function(e) {
$.ajax({
type : 'POST',
url : $(this).attr('href')+'?ajax=1&addlines=1',
data : $('#quickorder').serialize(),
success : function(data,x,y) {
$('#directorderform').replaceWith(data);
},
dataType : 'html'
});
e.preventDefault();
});
On the PHP side i basically echo out a HTML string. The jQuery version is 1.8.3.
The problem is in IE10: While it works fine there on Server A which runs on Apache it fails on Server B which runs on Nginx + PHP-FPM: If i debug the success handler on Server B I get a undefined for data. In the Network tab of the IE developer tools I can see the full response and all headers. It may affect other IE versions, but i could only test IE10 so far.
Here are the two response headers:
Server A, Apache (works):
HTTP/1.1 200 OK
Date: Thu, 25 Apr 2013 13:28:08 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1268
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Server B, Nginx + PHP-FPM (fails):
HTTP/1.1 200 OK
Server: nginx/1.1.19
Date: Thu, 25 Apr 2013 13:41:43 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
The body part looks the same in both cases.
Any idea what could cause this issue?
Please also check the Content-Type Header, since Apache and Nginx are sending different values:
Content-Type: text/html; charset=UTF-8
vs.
Content-Type: text/html; charset=utf8
Update your Nginx config, add this line:
charset UTF-8;