Poster Plugin with Autohot key - httprequest

am trying to create a GUI with autohotkey for a poster request using autohotkey.
for Ex:
{
"hwId":"2703",
"clientApiVersion":"1.0.0",
"sellId":"123456",
"uid":"123456",
"targetUserId":"123456",
"templateId":"123456",
"overrideValues": [{"name":"USERNAME","value":"test"}],
"customMessages": [{"name":"key1","value":"value1"},{"name":"key2","value":"value2"}],
"language":"en",
"verificationCode":"code",
"badge":"33",
}
this is the poster body that i use. these are inputs that go in and the output is shown. usally when i send a POST request i get a response in json. Can some on help me with this... i tried searching the web but could not find anything that is relevant to the poster plugin with autohotkey.
Kindly help me guys.
Following is the code that i used
#NoEnv
#SingleInstance, Force
;InputBox, pass, Password, Enter password.
URL := "https://examplesite.com/exchange/api/ios/sendPushNotificationTemplateByUid"
;PostData := "username=Pulover&password=" pass
PostData := "
(
hwId=2703,
clientApiVersion=1.0.0,
sellId=865895,
uid=573675618,
targetUserId=573675618,
templateId=78,
language=en,
verificationCode=code,
badge=50,
)"
oHTTP := ComObjCreate("WinHttp.WinHttpRequest.5.1")
;Post request
oHTTP.Open("POST", URL , False)
;Add User-Agent header
oHTTP.SetRequestHeader("User-Agent", "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)")
;Add Referer header
oHTTP.SetRequestHeader("Referer", URL)
;Add Content-Type
oHTTP.SetRequestHeader("Content-Type", "application/JSON")
;Send POST request
oHTTP.Send(PostData)
;Get received data
Gui, Add, Edit, w800 r30, % oHTTP.ResponseText
Gui, Show
return
GuiClose:
ExitApp


The example body is written in JSON. So I'm highly suggesting you to use a JSON lib. This is the one I've been using so far without any problems: http://pastebin.com/6EzQAHbH
Just save it as jsonParser.ahk in your scripts dir. I wrote you a pretty clean example of what I think you are looking for:
#Include jsonParser.ahk
url := "https://examplesite.com/exchange/api/ios/sendPushNotificationTemplateByUid"
username := "USERNAME"
Gui, Add, Edit, w800 r30 vResponseEdit
Gui, Show
body_AhkObj := {"hwId": "2703"
,"clientApiVersion": "1.0.0"
,"sellId": "123456"
,"uid": "123456"
,"targetUserId": "123456"
,"templateId": "123456"
,"overrideValues": [{"name":username,"value":"test"}]
,"customMessages": [{"name":"key1","value":"value1"}, {"name":"key2","value":"value2"}]
,"language": "en"
,"verificationCode": "code"
,"badge": "33"}
;change the sellId after the object was created
body_AhkObj.sellId := "987654321"
;;;;;;;;
body_JsonCode := BuildJson(body_AhkObj)
WinHttpObj := ComObjCreate("WinHttp.WinHttpRequest.5.1")
WinHttpObj.Open("POST", url)
WinHttpObj.SetRequestHeader("User-Agent", "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)")
WinHttpObj.SetRequestHeader("Referer", url)
WinHttpObj.SetRequestHeader("Content-Type", "application/JSON")
WinHttpObj.Send(body_JsonCode)
GuiControl,, ResponseEdit, % WinHttpObj.ResponseText
Return
GuiClose:
ExitApp
Return

Related

Extracting data from a facebook page using HttpRequest and HttpResponse

I am trying to extract some business data from Facebook pages using VB.NET. However, I am not getting the response I would expect.
Dim request As HttpWebRequest
Dim response As HttpWebResponse
Dim responseText As String
request = CType(WebRequest.Create(http://www.facebook.com/Microsoft))
request.UserAgent = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR 1.0.3705;)"
request.AllowAutoRedirect = True
response = CType(request.GetResponse(), HttpWebResponse)
If I look at the text for the response I get this:
<html><head><title>Redirecting...</title><script>__DEV__=0;_script_path = "XVanityURLController";var uri_re=/^(?:(?:[^:\/?#]+):)?(?:\/\/(?:[^\/?#]*))?([^?#]*)(?:\?([^#]*))?(?:#(.*))?/,target_domain='';window.location.href.replace(uri_re,function(a,b,c,d){var e,f,g;e=f=b+(c?'?'+c:'');if(d){d=d.replace(/^(!|%21)/,'');g=d.charAt(0);if(g=='/'||g=='\\')e=d.replace(/^[\\\/]+/,'/');}if(e!=f)window.location.replace(target_domain+e);});</script><script type="text/javascript">/*<![CDATA[*/(function(){function si_cj(m){setTimeout(function(){new Image().src="https:\/\/error.facebook.com\/common\/scribe_endpoint.php?c=si_clickjacking&t=956"+"&m="+m;},5000);}if(top!=self && !false){try{if(parent!=top){throw 1;}var si_cj_d=["apps.facebook.com","apps.beta.facebook.com"];var href=top.location.href.toLowerCase();for(var i=0;i<si_cj_d.length;i++){if (href.indexOf(si_cj_d[i])>=0){throw 1;}}si_cj("3 ");}catch(e){si_cj("1 \t");window.document.write("\u003Cstyle>body * {display:none !important;}\u003C\/style>\u003Ca href=\"#\" onclick=\"top.location.href=window.location.href\" style=\"display:block !important;padding:10px\">Go to Facebook.com\u003C\/a>");/*kSxhSBR_*/}}}())/*]]>*/</script><script>window.location.replace("https:\/\/m.facebook.com\/AMD");</script><meta http-equiv="refresh" content="0;url=https://m.facebook.com/AMD" /></head><body></body></html>
However, when I use a WebBrowser it actually redirects me to the Microsoft page. I don't want to use a form though to accomplish this.
So, I'm not sure how to bypass this redirect with HttpWebRequest. Do I need to somehow login to facebook in order to get the response I'm looking for? If so, how do I do this? Please help, I've been banging my head on this for days.
##

The page is using javascript to perform the redirect.
Your HttpResponse is getting the HTML returned as string but it does not execute the JavaScript inside of it.
Try looking into using a headless web browser, such as Selenium.

Getting the number of google search hits with google api

I am trying to get the number of search results with a custum search engine. I tried the following code:
String charset = "UTF-8";
String google = "https://www.googleapis.com/customsearch/v1?key={mykey}" +
"&cx={mycxcode}&q=" +URLEncoder.encode(searchString, charset) +
")&fields=queries(request(totalResults)";
String userAgent = "Mozilla/5.0 (Windows; U; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)";
String totalResultsElementText = Jsoup.connect(google).userAgent(userAgent).ignoreContentType(true).get().text();
For this code i get the following error message:
org.jsoup.HttpStatusException: HTTP error fetching URL. Status=400, URL={myurl}
What am i doing wrong?

The url you are creating has error. You should change parameter fields to
&fields=queries/request(totalResults), because request is a field of queries, but not an array.
More about partial selectors can be found here.
String charset = "UTF-8";
String google = "https://www.googleapis.com/customsearch/v1?key={mykey}" +
"&cx={mycxcode}&q=" +URLEncoder.encode(searchString, charset) +
"&fields=queries/request(totalResults)";
String userAgent = "Mozilla/5.0 (Windows; U; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)";
String totalResultsElementText = Jsoup.connect(google).userAgent(userAgent).ignoreContentType(true).get().text();
Your result is in form of JSON so you can extract final value like that:
JSONObject json = new JSONObject(totalResultsElementText);
System.out.println(json.getJSONObject("queries").getJSONArray("request").getJSONObject(0).get("totalResults"));

Using WebClient to Download CSV File From SSRS Report

I'm trying to download a csv file from an SSRS report using the following code.
Const URI As String = "https://blah.blah.com/blah/_layouts/15/ReportServer/RSViewerPage.aspx?rv:RelativeReportUrl=/blah/Production%20Reports/The_File.rdl&rs:format=csv"
Const DESTINATION As String = "C:\MyFile.csv"
Using myWebClient As WebClient = New WebClient()
With myWebClient
.Headers.Add("Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8")
.Headers.Add("Accept-Encoding", "gzip, deflate, sdch, br")
.Headers.Add("Accept-Language", "en-US,en;q=0.8")
.Headers.Add("Content-Disposition", "attachment; filename=%22The%5FFile.csv%22")
.Headers.Add("Content-Encoding", "gzip")
.Headers.Add("Content-Type", "text/csv")
.Headers.Add("Vary", "Accept-Encoding")
.Headers.Add("User-Agent", "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36")
.Headers.Add("Upgrade-Insecure-Requests", "1")
.Headers.Add("Referer", URI)
.Headers.Add("Cache-Control", "private")
.Credentials = New NetworkCredential("<my username>", "<my password>")
.DownloadFile(URI, DESTINATION)
End With
End Using
The problem is that the file that gets downloaded isn't a csv file. When I open it in any text editor, all I see are "garbage" characters which seem like some sort of encoding is going on. If I comment out the "Accept-Encoding" header and rerun the code, I get the code of the resulting HTML page - not the csv file I need. Anyone know how I can download the file correctly? BTW, I'm not sure all of the headers I added are necessary.

You need to change the URI constant from this:
Const URI As String = "https://blah.blah.com/blah/_layouts/15/ReportServer/RSViewerPage.aspx?rv:RelativeReportUrl=/blah/Production%20Reports/The_File.rdl&rs:format=csv"
To this:
Const URI As String = "https://blah.blah.com/blah/_layouts/15/ReportServer/RSViewerPage.aspx?rv:RelativeReportUrl=/blah/Production%20Reports/The_File.rdl&rs:format=csv&rs:Command=Render"
You are missing the Command=Render part of the Uri.

Interact with a JSF application which use basic authentication programmatically

I am having difficulties interacting with a website which use basic authentication to authenticate the user.
I am working on visual basic and i have already tried to use
Dim req As HttpWebRequest = HttpWebRequest.Create("http://url.to.website.com")
adding the headers directly to the web request:
req.Headers.Add("Authorization: Basic " & Convert.ToBase64String(Encoding.Default.GetBytes("user" & ":" & "password")))
or using the network credentials:
req.Credentials = New Net.NetworkCredential("user", "password")
receiving always the same response code: 401 Unauthorized
Using Firefox developer tools i can analyze and resend some web requests and only using Firefox i am able to authenticate correctly.
Firefox report these headers:
Host: url.to.website.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: it-IT,it;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: http.//url.to.website.com/portal/data/pub
DNT: 1
Authorization: Basic ZmFrZTpwYXNzd29yZA==
Connection: keep-alive
So i have tried to set it manaually this way:
req.Host = "url.to.website.com"
req.UserAgent = "Mozilla/5.0 (Windows NT 6.1; rv:11.0) Gecko/20100101 Firefox/11.0"
req.Accept = "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"
req.Referer = "https://url.to.website.com/some/path/to/file.jsf"
req.ContentType = "application/x-www-form-urlencoded"
req.KeepAlive = True
req.PreAuthenticate = True
req.Method = "POST"
req.Headers.Add("Authorization: Basic " & Convert.ToBase64String(Encoding.Default.GetBytes("user" & ":" & "password")))
with no success (receiving always the same response code: 401 Unauthorized)
Another try was with a web-browser:
WebBrowser1.Navigate("url", Nothing, Nothing, "Authorization: Basic " & Convert.ToBase64String(Encoding.Default.GetBytes(AUTH_USER & ":" & AUTH_PASSWORD)))
My objective is to authenticate, then query some pages and collect responses in order to parse them and use it later in the application.
How can i solve the issue about authentication?
The website is written using JSF and i have no control over it.
Update:
My problem is about authentication, not yet about the jsf application.
While using Firefox all work fine (I can send a request to the website and it will authenticate me right) but while using the HttpWebRequest the authentication fails, even if I set the same headers, as Written before .
I have to figure out the difference between the two requests

I had to get this working for Dukes Forest Java EE Tutorial Port to Wildfly. The code was already written, but the header was case sensitive. Anyway, the code used there is as follows:
/* Client filter for basic HTTP auth */
class AuthClientRequestFilter implements ClientRequestFilter {
private final String user;
private final String password;
public AuthClientRequestFilter(String user, String password) {
this.user = user;
this.password = password;
}
#Override
public void filter(ClientRequestContext requestContext) throws IOException {
try {
requestContext.getHeaders().add(
"Authorization",
"Basic " + DatatypeConverter.printBase64Binary(
(user+":"+password).getBytes("UTF-8"))
);
} catch (UnsupportedEncodingException ex) { }
}
}
The DatatypeConverter is imported from javax.xml.bind. This code was called from the following routine, which has the HTTPClient:
Client client = ClientBuilder.newClient();
client.register(new AuthClientRequestFilter("jack#example.com", "1234"));
Response resp = client.target(ENDPOINT)
.request(MediaType.APPLICATION_XML)
.post(Entity.entity(order, MediaType.APPLICATION_XML), Response.class);
int status = resp.getStatus();
if (status == 200) {
success = true;
}
logger.log(Level.INFO, "[PaymentHandler] Response status {0}", status);
client.close();
return success;
This client code posts to a RESTful service.

CORS request is preflighted, but it seems like it should not be

The following cross-origin POST request, with a content-type of multipart/form-data and only simple headers is preflighted. According to the W3C spec, unless I am reading it wrong, it should not be preflighted. I've confirmed this happens in Chrome 27 and Firefox 10.8.3. I haven't tested any other browsers.
Here are the request headers, etc:
Request URL:http://192.168.130.135:8081/upload/receiver
Request Method:POST
Status Code:200 OK
Request Headersview source
Accept:*/*
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Connection:keep-alive
Content-Length:27129
Content-Type:multipart/form-data; boundary=----WebKitFormBoundaryix5VzTyVtCMwcNv6
Host:192.168.130.135:8081
Origin:http://192.168.130.135:8080
Referer:http://192.168.130.135:8080/test/raytest-jquery.html
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.37 Safari/537.36
And here is the OPTIONS (preflight) request:
Request URL:http://192.168.130.135:8081/upload/receiver
Request Method:OPTIONS
Status Code:200 OK
Request Headersview source
Accept:*/*
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Access-Control-Request-Headers:origin, content-type
Access-Control-Request-Method:POST
Connection:keep-alive
Host:192.168.130.135:8081
Origin:http://192.168.130.135:8080
Referer:http://192.168.130.135:8080/test/raytest-jquery.html
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/28.0.1500.37 Safari/537.36
The spec seems pretty clear:
Only simple headers: CHECK
Only simple methods: CHECK
UPDATE: Here's some simple client-side code that will reproduce this:
var xhr = new XMLHttpRequest(),
formData = new FormData();
formData.append('myfile', someFileObj);
xhr.upload.progress = function(e) {
//insert upload progress logic here
};
xhr.open('POST', 'http://192.168.130.135:8080/upload/receiver', true);
xhr.send(formData);
Does anyone know why this is being preflighted?

I ended up checking out the Webkit source code in an attempt to figure this out (after Google did not yield any helpful hits). It turns out that Webkit will force any cross-origin request to be preflighted simply if you register an onprogress event handler. I'm not entirely sure, even after reading the code comments, why this logic was applied.
In XMLHttpRequest.cpp:
void XMLHttpRequest::createRequest(ExceptionCode& ec)
{
...
options.preflightPolicy = uploadEvents ? ForcePreflight : ConsiderPreflight;
...
// The presence of upload event listeners forces us to use preflighting because POSTing to an URL that does not
// permit cross origin requests should look exactly like POSTing to an URL that does not respond at all.
// Also, only async requests support upload progress events.
bool uploadEvents = false;
if (m_async) {
m_progressEventThrottle.dispatchEvent(XMLHttpRequestProgressEvent::create(eventNames().loadstartEvent));
if (m_requestEntityBody && m_upload) {
uploadEvents = m_upload->hasEventListeners();
m_upload->dispatchEvent(XMLHttpRequestProgressEvent::create(eventNames().loadstartEvent));
}
}
...
}
UPDATE: Firefox applies the same logic as Webkit, it appears. Here is the relevant code from nsXMLHttpRequest.cpp:
nsresult
nsXMLHttpRequest::CheckChannelForCrossSiteRequest(nsIChannel* aChannel)
{
...
// Check if we need to do a preflight request.
nsCOMPtr<nsIHttpChannel> httpChannel = do_QueryInterface(aChannel);
NS_ENSURE_TRUE(httpChannel, NS_ERROR_DOM_BAD_URI);
nsAutoCString method;
httpChannel->GetRequestMethod(method);
if (!mCORSUnsafeHeaders.IsEmpty() ||
(mUpload && mUpload->HasListeners()) ||
(!method.LowerCaseEqualsLiteral("get") &&
!method.LowerCaseEqualsLiteral("post") &&
!method.LowerCaseEqualsLiteral("head"))) {
mState |= XML_HTTP_REQUEST_NEED_AC_PREFLIGHT;
}
...
}
Notice the mUpload && mUpload->HasListeners() portion of the conditional.
Seems like Webkit and Firefox (and possibly others) have inserted some logic into their preflight-determination code that is not sanctioned by the W3C spec. If I'm missing something in the spec, please comment.

My guess is that the "boundary" on the Content-Type header is causing issues. If you are able to reproduce this, it should be filed as a browser bug, since the spec states that the Content-Type header check should exclude parameters.