Currently my job is to hide the username and password from being displayed when we passing the value to icewarp webmail. The previous developer passing the value like below :
Header("refresh:0;url=http://sample-icewarp.com/webmail/index.html?!#$username:$password");
and it redirect user to icewarp webmail, but with username and password displayed on address bar for split seconds. But on slow connection, it give enough time to read and memorize it.
I am planning to work with base64 encoding. But i am confuse, do i need to make icewarp decode as well?
I am not programming expert, working as IT technical support. This has become my part of job.
From googling, i found this sample code of base64 encoding :
$data = /* some data */;
$base64Data = base64_encode($data);
$urlData = urlencode($base64Data);
$htmlData = htmlspecialchars($urlData);
printf('<input type="hidden" value="%s" name="pass-it-on">', $htmlData);
How do i edit this thing to make it redirect to icewarp webmail?
Why dont you use external login (see icewarp/html/webmail/client/_external)? It would use AFAIK the RSA login icewarp has. Or SSO...
Related
I have a lot of free-style jobs in my Jenkins instance. I create them with Jenkins API (generate XML-file with configuration and post them by "http://my-jenkins-instance:8080/createItem?name=JobName").
There is one problem - I can not generate value in secret fields. For example, I want such a config:
Inject passwords to the build as environment variables -> Job passwords.
And I need to set 123 to Password field.
I can not do this through XML because it appears decoded in XML. Something like this: {AQAAABAAAANwHq0hsSF6...}
I want to set the value to this parameter
So my questions are:
Can I get the decoded value of a plain password through some API? So I could send 123 and get {AQAAABAAAANwHq0hsSF6...} back.
If not, can I set secret value some other way? I can only think of using Selenium but it is too slow (comparing to API).
I have found the solution.
I can set the value as a plain text: <value>123</value>, create or update a job. Then I need to disable and enable the job.
When I create a share link in the UI with the "Anyone with this link can view this item" option, I get a URL that looks like https://onedrive.live.com/redir?resid=XXX!YYYY&authkey=!ZZZZZ&ithint=<contentType>. What I can't figure out is how to use this URL from code to download the content of the file. Hitting the link gives HTML for a page to show the file.
How can I construct a call to download the file? Also, is there a way to construct a call to get some (XML/JSON) metadata about the file, and maybe even a preview or something? I want to be able to do this all without prompting a user for credentials, and all the API docs are about how to make authenticated calls. I want to make anonymous calls to get publicly-shared files.
Have a read over https://dev.onedrive.com - it documents how you can make a query to our service to get the metadata for an item, along with URLs that can be used to directly download the content.
Update with more details
Sorry, the documentation you need for your specific scenario is still in process (along with the associated SDK changes) so I'll give you an overview of how to do it.
There's a sibling to the /drives path called /shares which accepts a sharing URL (such as the one you have above) in an encoded format and allows you to get metadata for the item it represents. This does not require authentication provided the sharing URL has a valid authkey.
The encoding scheme for the id is u!<UrlSafeBase64EncodedUrl>, where <UrlSafeBase64EncodedUrl> follows the guidelines outlined here (trim the = characters from the end).
Here's a snippet that should give you an idea of the whole process:
string originalUrl = "https://onedrive.live.com/redir?resid=XXX!YYYY&authkey=!foo";
byte[] urlAsUtf8Bytes = Encoding.UTF8.GetBytes(originalUrl);
string utf8BytesAsBase64String = Convert.ToBase64String(urlAsUtf8Bytes);
string encodedUrl = "u!" + utf8BytesAsBase64String.TrimEnd('=').Replace('/', '_').Replace('+', '-');
string metadataUrl = "https://api.onedrive.com/v1.0/shares/" + encodedUrl + "/root";
From there you can append /content if you want to get the contents of the file, or you can start navigating through if the URL represents a folder (e.g. /children/childfile.txt)
When I recorded the login process, the password is encrypted in the request, so when I tried to change the credentials by setting the password to plain text, I get 500 response code.
Try to identify the encoding mechanism and encrypt the password on the fly using Beanshell PreProcessor the following example encodes value stored under ${plainpassword} variable using Base64 encoding and stores encrypted value as ${encodedpassword} variable
import org.apache.commons.net.util.Base64;
String plainPassword = vars.get("plainpassword");
String encodedPassword = new String(Base64.encodeBase64(plainPassword.getBytes()));
vars.put("encodedpassword", encodedPassword);
See How to Use BeanShell: JMeter's Favorite Built-in Component guide for more information on Beanshell scripting in JMeter and a form of Beanshell cookbook.
I am using revel to build my webapplication and trying to write authentication module.
I finished with sign up part and now heading to write sign in part.
I read about security part on The definitive guide to form-based website authentication and will use this recommendation.
What I am really do not know is, how sign in works. I am imaging that the process works like this:
User write username and password into the html form and press sign in
Server receive request and the controller will check, if user information match with data on database.
If yes, how continue.
The third point is where I am staying. But I have some idea how could works and not sure, if is the right way.
So when sign in information match with the database, I would set in session object(hash datatype) key value pair signed_in: true. Everytime when the user make a request to the webapplication, that need to be authenticated, I would look in the session object, if signed_in is true or not.
This is the way I would do, but as I mentioned above, I do not know if it is the right way.
Yes like #twotwotwo mentioned, give it the user id and also a role.
So server side rendered flow: Step 1
user sends username (or other identifier) and secret.
using scrypt or bcrypt the secret is checked against the stored salted hash in the database
if it matches you create a struct or a map
serialize struct or map into string (json, msgpack, gob)
encrypt the string with AES https://github.com/gomango/utility/blob/master/crypto.go (for instance). Set a global AES key.
create a unique cookie (or session) identifier (key)
store identifier and raw struct or map in database
send encrypted cookie out (id = encrypted_struct_or_map aka the encrypted string)
On a protected resource (or page): Step 2
read identifier from cookie
check if id exists in db
decode cookie value using AES key
compare values from cookie with stored values
if user.role == "allowed_to_access_this_resource" render page
otherwise http.ResponseWriter.WriteHeader(403) or redirect to login page
Now if you wanted you could also have an application-wide rsa key and before encrypting the cookie value sign the string with the rsa private key (in Step 1). In Step 2 decode with AES key, check if signature valid, then compare content to db stored content.
On any changes you have to update the cookie values (struct/map) and the info in the database.
I want to upload logo image from http://werkzeug.pocoo.org/
After saving it I tried the following. I'm a noob so please help..
the received stream when i upload through a html forms is
'GIF89a\xa0\x00\xa0\x00\xe3\x08\x00\x01\x03\x00,)\x00JB\x00g`\x00\x96\x8a\x00\xcd\xbc\x00\xe9\xd5\x00\xfd\xeb\x00\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff!\xf9\x04\x01\n\x00\x08\x00,\x00\x00\x00\x00\xa0\x00\xa0\x00\x00\x04\xfe\x10\xc9I\xab\xbd8\xeb\xcd\x11\xf8](\x8edi\x9e\xe8\xf4\xadi\xeb\xbep|\xad\xb4l\xdfx.\xd1\xbc\xee\xff#\x0eo\x18,\x1a}\xc3\xe4q\xc9l%\x05\xca\xa6t\xbaI\x12\x0eP"u\xcbM\x16\x0e\xe0l\x8fKfZ\xc1hq\xad\xcc\x06\x9e\xd1\xe9h{n{\xc3\xd1\x039}\x9f\xb2\xdf\xf1z|\x82"~\x7f\x80Z\x83\x89UCW\x86\x86y\x88\x8a\x92\x14\x85\x8ep\x90c\x93\x93\x95\x96\x97\x81\x9a|\x9c\x9d\x9e\x91\xa0tI\x03\xa3\xaa\x98k\xa6s\xa2\xaaw\x04\x9f\xaeT\xb0\xb1\xb2\xb4\xb5fC\xa9\xb8\xb1\x06\xb3\xa5\xbbK\xa8\xbf\xc7\xc2\x99\xc4G\xc6\xc7\xc8\xba\xcb9\xcd\xce\xcf\xc3\xd18\xd3\xd4\xd5\xca\xd77\xd9\xda\xdb\xad\xdd2\xdf\xe0\xe1,\xe31\xe5\xe6\xe7 \xe9.\xa8\x06\xec\xec\xc9\xe2\xef%O\xf3\xfa\xf5\xe8\xf7$\xf9\xfa\xf6A\xf37c\x88\x00y\x01\xf5\x15\x18HP\x85A\x84\t\x152$\x080b\xc2\x85\xd6\x1az0h\xb1#Fn\xfe\x1a\x9f#\xecxq\xe2\xb5$\x01F\x92,\x99q\x1c\xca\x950?\xdaK\'\x12fL\x93\xa6P\xaa\xb4i\xd1\x00\xceMCR\xf2\xe4\xe9\xb3e\xce\xa0;\x87z\x0c`\x14(\x0f\xa1J\x87\x16`\n\x12\x94\xce\xa8Qe\xf6;\xfa4)\xd6\x95S\x9b\xeeI\x02\xc0k#\x03\xc1\x08\x0c\x10\xc0v\x00\x81\x02f\x15R\x9d9\xe8\xea\xca`n\xd5\xe6\x1d\xc0T\xad\x00\x02q\xcd\x85\xad:\xd6K\xcc\x00\x7f\xbf\x1c0P`\xc0\x80`l\xdf\xaa\xbd;wk(\xa4D\x19;\x06\x8c\x86\x00`\x01\x01\xd62}\xdc\xd1#ew\x97\x87(\xc6\xba\x90\xf3\x81\xa9P\x19\xabu\x1d\xf14\x80\xd4<\x02\x83\x05 \x00\x0c\x81\x83\x86\x1a\x93d\x85\x9a\r\xca\xd5_\xc1,l\xdc\xdb\x92\xf0\x8e\xc4o\x1b7\x9c<\x97/G\xf2<\x93$p\xba\x0cY\xddC\'[\x82\xe8v{\xf7-d\x91WG\x13\x00\xaa\xa3\xd5\x02\xd4\x07\xe4N\xb8H\xfa\xf5\x7fL\xf3\xee\xc4\x18\x8c\x01\xe0\xd0\x89\xfe%\ru\xf8\xdd\x81\xd1u\xc1y\xe6\x19\x80\x16E\xc7\x8bj\x05:"L#\xef\xd1\x80`B\xff\t\xa8\x0e\x81\x11\xfe\x91\x85|p\xd4CaD\x19\xd6W\xc7-\x11~\x14\x97l\xdc\xdd\xa5Fq\x03B\xd8\xa1%\xc90\xd8\xc9\x85\x16\xbd(]\x8c<\x8c8c.\x16:\xa7 \x8e9j\x88\x0f\x87?\xc2\xa1\xd5\x07\x17\x06\x83\xc6T\xe0\xb1\xa3\xa37(FX\x94\x1d\xfaQh\x00i<9\xb8!#I\x1a\xc2\x0f\x84W\x96\xe5\x1fwk\xf9\xd8\xa0\x91\x8b\x80\x19&\x90dQ\xc5\xcfc\xffq6\x8b\x9a\x11y\xd9\x07\x92o\x8eI\xc3\x17~\xb9%F\x1eZ\x8ef\x93\x9e&\x90\x85g\x92~\xae#$\x16447[Z\x87\xb2II\x95\x056\xca\xe4x\x95\t0\x80b\xf2<\x9a\x10\xa2!(\xfa&\x9c/uR\x8f\x8d\x07,\x9a\'\x9b\xa6\x9ezH\x9c\x81a\xe2\xde\x99J\x91\x9a\x01Y\xa2\xce\xa8\xe9\x07 \xde\x81\x89|\xb4\xf14\xa6\x10\x98\xae\x17\x0cY+\xfe\xb8\n\x87~\x01\xfc\xf1\xa99Qvf\x94\xa2\xd5&\x17]\x8f\xbf,\xd4\\g\xce\x8e\xb2P*\xd5\xea\xba\xc3:In\x1b\xe43\x08\x05\x13l,\x1f\xf5*\xe60\xbc\xca\xea\x9f\x8e<|{\x0c_\x9b\xb1\xf3\x11\xab\xb1\x1c\xebP/\xf6.\x86/\r\xb7\xae\'gg\xef\xce;F\xbd\xf6\x96\xc8\xac\x99)\xae\x80\x900\r{8\xf1\xba\xb2\xea\xb7q\xc6\xb9\xae\xe0\xdf\\ \x83\xa1.\xc1\x11\xdb\xe6&~h\xb5\xda\xacr\x7f\xae\xa2\x04G\x1d{<q\xb8D!\xf6\x1a\r\x8d#\x92\xb0\xb4r\xac\x1cf\x99\xcc\xea[\x9d\xc7\xbd\xb1\xd2\x9e\xc5\xa3\xf8Y\x01\xcaI\x0e6\xb1\xd1GGj\xf3\n\x01\xb8\x8a\x96\xd3\x16\x08]\xf1\xc6\x1fd\xdb\x93\x7fV+\x9d\xf1\xb6\xbb\xf2 \xafRK~W\xa0i\xc0\xc9D\xaeg s\x9d6\xc7\xeb\xb5\x9d,IH\x93\xfd2.vk\x00\xf5W\x8c\x81\xfd\x01\xce6\xc9\xd4\xdc\xbf\x80\xff4xT\xbf\xe2\x9d\xdc\x7f\xcb\xae \xa9\xc8\xfe\xaa\x04\xde\xc1\xe3<\xe9\xfd\x10\xcbT\x15n\xf9\x96\x1fP\xfd\x87\xe6\xa5\xaa\r\xb9\xe1\x00\xfc\x1c\x95\xc7\xbe4\x1a\x18\xea\x84\xa8-\xb63\x9e\x0fq\xfbYT\xa5R#oc\x86K\xfb\x08\x9c\x93\xc8:\x00%\xf3\xdd\xbb\xcb\xfb\r\x16#\xc6\xc3\xff\x93/L\'s\x8b\xdf\xa0\xc9|!O\x01 \xb7\xfd\xa5\xe5|\xb3\x8e8\xdfo\x19\x96G\xc9\xd1\x9f\xf0\xb9\xf1`\x9b\xaeT\x86\xe5\xf3|\x80\xcf\x99\xffD\xfc\xf4\xecO\xbd\xfb<6\x03f\xa1\xcf\x81\xf1\x1e\x8fJ\xb7\xbfGL\xccuC\xb9\x9a\xef03\x1e\x01\xea`}\x12\xa1\x95\xb2N\xe3\x8b2!\xf0I\xf6C\x01\x04\xe7\xd1\xa8\xe4\xf5\x84*\xa1\xd9\xd4b0rA\x98YjOV\xbb\x88\x18B\xc32\x12\x92\x0e\x00\xe4\n\xcd\xef\x02\x98Ax\xe4\xab\x80\x1d;\xc8\x0c\xe7\xc7$\xd8\xa9\xc2\x81\xcc\xb8a\xc1\x9c\x91%R\x80\xe6\x03%\xdc\xd9\t\xbfG\xc0!\xfe"\x0b\x08"N\x12\x89\x06\xa3\x07a\r\x87?\xca\x82\xfe\xbe\x94F\xc3%R\taXd\xd9c\x92\x11"\xace\xecjU\x9c\x02\x03\x9dx\x07h]\xc9-\x17k\x9dn\xa6\xd4\x865\xb21\x0cX;Mh\xe8\xa6\n:\xbe\xa2+w\xc4\xe0\xc6\x92\xf8;/\x06\xc1\x8e\x05\xa3\x1b\xd1\x8e\x88\xc4\x00\xda&\x11H\t\xa3\x8b\x9a%\x93\x940\'cR\xb3\x0cn\x1a\x99\xb2\xdcX\x10<\x99L\xe3&\xc3v*4\x9aIq\xaa0%Wb\x96$\x8f}\xe6p\x80)\xca\x14\x1f\xe9\x8a\xa0x\xd0&6\xfb\x82\xd2\xde\x02\xb06\xd2\xb2\x16I\x90$\xb5x\xd8\xac*\xa9r\x19\xc1|\x1bb^\x885\xfa\xb4\xee\x8c\xbfD\xa6\x8c&\xb70V\xf4l\x96\x86<\xc54_\xb7<]\xcao1\xa3\x90\x98&\xa3\xc1\'\x98\xf4m\x16\xa9\xb0f*\xfd\xf8\x0e\xc3\x08\x13;T\xe9\x8d\x8a\x889Ev\xde\xa3\x9c$\xaa\xc7\xb0\xe6\xb7\xa5\xe7\xa9"\x9a\x14Q\xcd;\x9f\x85\x98\xe0\xf10%\x81\x11\xa7(\xef\xb9M\x0ce\xc13A\x02`\x1f\xfe\xb3\xb9\xca\x15\xdc\x12\x17\x98`^\xe9\x90xF{jd`\xdf\xd4G\xcb|\xc8\x8f$B\xcaD!\xf1\x9a6\x8a\xf8\x91+$\xc3\x9f\xfc\xf1\xe8G\x9f\xa6\xd2c\xd8,>\x12\x9d\x85I\xcd5S\x9a\xf2\xe0\xa2\xcfb\xc4\xf2ZuF\x9e\xf6\xd4\xa7!\xa5\x860T\x96<\xa3\x1e\x15\xa9\x7f\xc3\x85i|!\xa7\xd3\xb8OX\x14\xf5G\xb2<\xf6\xbc\x03it\xa7Y\r\xa8\xf5\xc4U\x19\xb5\x00\xeb5\xa0\x01\x99S\x9fz\xb7\xa4\x8eGi\x9c\x04\xe7(\xd6\xca\xd6\xb6F\x95\xac\xc53 J\xeb*\xb8\xbc\xe6G\x8a\xa9\x14\x18_\xd5W\xd3\xf7\x80P\xada\xad+\xba\x1c\xc1\x17\xdd\x08v\xb0(t\xab#\xf6\n\xd9\xd4\xa9.!\x8f\xad\xac\x13\xfc\xda\x0e\xcd\x92\x83\xb3\x01K\xacgA\xea(sdv\xb4/X\xac\xaaD\x8b\xdaK]\xf6\x17\xa7m-\x0c*R?\xca\xca\x96\xb0\xf8k\x1ako\xdb\xb5\r\xfeaI\xbc\xfdAM\x1cF\x97\xe0\x9eH\x88\xcf\x02\xaeq\xdd0\xb0A\xe5.\x97\xb9\xc8u\xees\xa1k5\xe9N\x97\xbaX\xdb\xedu\x915\xb1\xedZQ\xbb\xde\xdd\\\r\xc3;[\xdb\x92\x17\x1b\xe3<\xaf\x11\x16\x1a\x8d\x08\x00\x00;'
I receive the above using req.file["name"] and store it in the Mysql.
now when i read back from MySQL I get,
u'GIF89axa0x00xa0x00xe3x08x00x01x03x00,)x00JBx00g`x00x96x8ax00xcdxbcx00xe9xd5x00xfdxebx00xffxffxffxffxffxffxffxffxffxffxffxffxffxffxffxffxffxffxffxffxffxffxffxff!xf9x04x01\nx00x08x00,x00x00x00x00xa0x00xa0x00x00x04xfex10xc9Ixabxbd8xebxcdx11xf8](x8edix9exe8xf4xadixebxbep|xadxb4lxdfx.xd1xbcxeexff#x0eox18,x1a}xc3xe4qxc9l%x05xcaxa6txbaIx12x0eP"uxcbMx16x0exe0lx8fKfZxc1hqxadxccx06x9exd1xe9h{n{xc3xd1x039}x9fxb2xdfxf1z|x82"~x7fx80Zx83x89UCWx86x86yx88x8ax92x14x85x8epx90cx93x93x95x96x97x81x9a|x9cx9dx9ex91xa0tIx03xa3xaax98kxa6sxa2xaawx04x9fxaeTxb0xb1xb2xb4xb5fCxa9xb8xb1x06xb3xa5xbbKxa8xbfxc7xc2x99xc4Gxc6xc7xc8xbaxcb9xcdxcexcfxc3xd18xd3xd4xd5xcaxd77xd9xdaxdbxadxdd2xdfxe0xe1,xe31xe5xe6xe7 xe9.xa8x06xecxecxc9xe2xef%Oxf3xfaxf5xe8xf7$xf9xfaxf6Axf37cx88x00yx01xf5x15x18HPx85Ax84\tx152$x080bxc2x85xd6x1az0hxb1#Fnxfex1ax9f#xecxqxe2xb5$x01Fx92,x99qx1cxcax950?xdaK\'x12fLx93xa6Pxaaxb4ixd1x00xceMCRxf2xe4xe9xb3excexa0;x87zx0c`x14(x0fxa1Jx87x16`\nx12x94xcexa8Qexf6;xfa4)xd6x95Sx9bxeeIx02xc0k#x03xc1x08x0cx10xc0vx00x81x02fx15Rx9d9xe8xeaxca`nxd5xe6x1dxc0Txadx00x02qxcdx85xad:xd6Kxccx00x7fxbfx1c0P`xc0x80`lxdfxaaxbd;wk(xa4Dx19;x06x8cx86x00`x01x01xd62}xdcxd1#ewx97x87(xc6xbax90xf3x81xa9Px19xabux1dxf14x80xd4<x02x83x05 x00x0cx81x83x86x1ax93dx85x9a\rxcaxd5_xc1,lxdcxdbx92xf0x8exc4ox1b7x9c<x97/Gxf2<x93$pxbax0cYxddC\'[x82xe8v{xf7-dx91WGx13x00xaaxa3xd5x02xd4x07xe4Nxb8Hxfaxf5x7fLxf3xeexc4x18x8cx01xe0xd0x89xfe%\ruxf8xddx81xd1uxc1yxe6x19x80x16Exc7x8bjx05:"L#xefxd1x80`Bxff\txa8x0ex81x11xfex91x85|pxd4CaDx19xd6Wxc7-x11~x14x97lxdcxddxa5Fqx03Bxd8xa1%xc90xd8xc9x85x16xbd(]x8c<x8c8c.x16:xa7 x8e9jx88x0fx87?xc2xa1xd5x07x17x06x83xc6Txe0xb1xa3xa37(FXx94x1dxfaQhx00i<9xb8!#Ix1axc2x0fx84Wx96xe5x1fwkxf9xd8xa0x91x8bx80x19&x90dQxc5xcfcxffq6x8bx9ax11yxd9x07x92ox8eIxc3x17~xb9%Fx1eZx8efx93x9e&x90x85gx92~xae#$x16447[Zx87xb2IIx95x056xcaxe4xx95\t0x80bxf2<x9ax10xa2!(xfa&x9c/uRx8fx8dx07,x9a\'x9bxa6x9ezHx9cx81axe2xdex99Jx91x9ax01Yxa2xcexa8xe9x07 xdex81x89|xb4xf14xa6x10x98xaex17x0cY+xfexb8\nx87~x01xfcxf1xa99Qvfx94xa2xd5&x17]x8fxbf,xd4\\gxcex8exb2P*xd5xeaxbaxc3:Inx1bxe43x08x05x13l,x1fxf5*xe60xbcxcaxeax9fx8e<|{x0c_x9bxb1xf3x11xabxb1x1cxebP/xf6.x86/\rxb7xae\'ggxefxce;Fxbdxf6x96xc8xacx99)xaex80x900\r{8xf1xbaxb2xeaxb7qxc6xb9xaexe0xdf\\ x83xa1.xc1x11xdbxe6&~hxb5xdaxacrx7fxaexa2x04Gx1d{<qxb8D!xf6x1a\rx8d#x92xb0xb4rxacx1cfx99xccxea[x9dxc7xbdxb1xd2x9exc5xa3xf8Yx01xcaIx0e6xb1xd1GGjxf3\nx01xb8x8ax96xd3x16x08]xf1xc6x1fdxdbx93x7fV+x9dxf1xb6xbbxf2 xafRK~Wxa0ixc0xc9Dxaeg sx9d6xc7xebxb5x9d,IHx93xfd2.vkx00xf5Wx8cx81xfdx01xce6xc9xd4xdcxbfx80xff4xTxbfxe2x9dxdcx7fxcbxae xa9xc8xfexaax04xdexc1xe3<xe9xfdx10xcbTx15nxf9x96x1fPxfdx87xe6xa5xaa\rxb9xe1x00xfcx1cx95xc7xbe4x1ax18xeax84xa8-xb63x9ex0fqxfbYTxa5R#ocx86Kxfbx08x9cx93xc8:x00%xf3xddxbbxcbxfb\rx16#xc6xc3xffx93/L\'sx8bxdfxa0xc9|!Ox01 xb7xfdxa5xe5|xb3x8e8xdfox19x96Gxc9xd1x9fxf0xb9xf1`x9bxaeTx86xe5xf3|x80xcfx99xffDxfcxf4xecOxbdxfb<6x03fxa1xcfx81xf1x1ex8fJxb7xbfGLxccuCxb9x9axef03x1ex01xea`}x12xa1x95xb2Nxe3x8b2!xf0Ixf6Cx01x04xe7xd1xa8xe4xf5x84*xa1xd9xd4b0rAx98YjOVxbbx88x18Bxc32x12x92x0ex00xe4\nxcdxefx02x98Axxe4xabx80x1d;xc8x0cxe7xc7$xd8xa9xc2x81xccxb8axc1x9cx91%Rx80xe6x03%xdcxd9\txbfGxc0!xfe"x0bx08"Nx12x89x06xa3x07a\rx87?xcax82xfexbex94Fxc3%R\taXdxd9cx92x11"xacexecjUx9cx02x03x9dxx07h]xc9-x17kx9dnxa6xd4x865xb21x0cX;Mhxe8xa6\n:xbexa2+wxc4xe0xc6x92xf8;/x06xc1x8ex05xa3x1bxd1x8ex88xc4x00xda&x11H\txa3x8bx9a%x93x940\'cRxb3x0cnx1ax99xb2xdcXx10<x99Lxe3&xc3v*4x9aIqxaa0%Wbx96$x8f}xe6px80)xcax14x1fxe9x8axa0xxd0&6xfbx82xd2xdex02xb06xd2xb2x16Ix90$xb5xxd8xac*xa9rx19xc1|x1bb^x885xfaxb4xeex8cxbfDxa6x8c&xb70Vxf4lx96x86<xc54_xb7<]xcao1xa3x90x98&xa3xc1\'x98xf4mx16xa9xb0f*xfdxf8x0exc3x08x13;Txe9x8dx8ax889Evxdexa3x9c$xaaxc7xb0xe6xb7xa5xe7xa9"x9ax14Qxcd;x9fx85x98xe0xf10%x81x11xa7(xefxb9Mx0cexc13Ax02`x1fxfexb3xb9xcax15xdcx12x17x98`^xe9x90xF{jd`xdfxd4Gxcb|xc8x8f$BxcaD!xf1x9a6x8axf8x91+$xc3x9fxfcxf1xe8Gx9fxa6xd2cxd8,>x12x9dx85Ixcd5Sx9axf2xe0xa2xcfbxc4xf2ZuFx9exf6xd4xa7!xa5x860Tx96<xa3x1ex15xa9x7fxc3x85i|!xa7xd3xb8OXx14xf5Gxb2<xf6xbcx03itxa7Y\rxa8xf5xc4Ux19xb5x00xeb5xa0x01x99Sx9fzxb7xa4x8eGix9cx04xe7(xd6xcaxd6xb6Fx95xacxc53 Jxeb*xb8xbcxe6Gx8axa9x14x18_xd5Wxd3xf7x80Pxadaxad+xbax1cxc1x17xddx08vxb0(txab#xf6\nxd9xd4xa9.!x8fxadxacx13xfcxdax0excdx92x83xb3x01KxacgAxea(sdvxb4/XxacxaaDx8bxdaK]xf6x17xa7m-x0c*R?xcaxcax96xb0xf8kx1akoxdbxb5\rxfeaIxbcxfdAMx1cFx97xe0x9eHx88xcfx02xaeqxdd0xb0Axe5.x97xb9xc8uxeesxa1k5xe9Nx97xbaXxdbxedux915xb1xedZQxbbxdexdd\\\rxc3;[xdbx92x17x1bxe3<xafx11x16x1ax8dx08x00x00;'
All the escape characters are gone now, i want to display this file and i'm not able to on the HTML after i send a response.
Why is this happening and how can I fix this ? I'm not able to get through this for more than a week.
I'm using python2.7.3 and werkzeug and mysql-connector for python.
The example code in one of the github uses this
'R0lGODlhoACgAOMIAAEDACwpAEpCAGdgAJaKAM28AOnVAP3rAP/////////\n//////////////////////yH5BAEKAAgALAAAAACgAKAAAAT+EMlJq704680R+F0ojmRpnuj0rWnrv\nnB8rbRs33gu0bzu/0AObxgsGn3D5HHJbCUFyqZ0ukkSDlAidctNFg7gbI9LZlrBaHGtzAae0eloe25\n7w9EDOX2fst/xenyCIn5/gFqDiVVDV4aGeYiKkhSFjnCQY5OTlZaXgZp8nJ2ekaB0SQOjqphrpnOiq\nncEn65UsLGytLVmQ6m4sQazpbtLqL/HwpnER8bHyLrLOc3Oz8PRONPU1crXN9na263dMt/g4SzjMeX\nm5yDpLqgG7OzJ4u8lT/P69ej3JPn69kHzN2OIAHkB9RUYSFCFQYQJFTIkCDBiwoXWGnowaLEjRm7+G\np9A7Hhx4rUkAUaSLJlxHMqVMD/aSycSZkyTplCqtGnRAM5NQ1Ly5OmzZc6gO4d6DGAUKA+hSocWYAo\nSlM6oUWX2O/o0KdaVU5vuSQLAa0ADwQgMEMB2AIECZhVSnTno6spgbtXmHcBUrQACcc2FrTrWS8wAf\n78cMFBgwIBgbN+qvTt3ayikRBk7BoyGAGABAdYyfdzRQGV3l4coxrqQ84GpUBmrdR3xNIDUPAKDBSA\nADIGDhhqTZIWaDcrVX8EsbNzbkvCOxG8bN5w8ly9H8jyTJHC6DFndQydbguh2e/ctZJFXRxMAqqPVA\ntQH5E64SPr1f0zz7sQYjAHg0In+JQ11+N2B0XXBeeYZgBZFx4tqBToiTCPv0YBgQv8JqA6BEf6RhXx\nw1ENhRBnWV8ctEX4Ul2zc3aVGcQNC2KElyTDYyYUWvShdjDyMOGMuFjqnII45aogPhz/CodUHFwaDx\nlTgsaOjNyhGWJQd+lFoAGk8ObghI0kawg+EV5blH3dr+digkYuAGSaQZFHFz2P/cTaLmhF52QeSb45\nJwxd+uSVGHlqOZpOeJpCFZ5J+rkAkFjQ0N1tah7JJSZUFNsrkeJUJMIBi8jyaEKIhKPomnC91Uo+NB\nyyaJ5umnnpInIFh4t6ZSpGaAVmizqjpByDegYl8tPE0phCYrhcMWSv+uAqHfgH88ak5UXZmlKLVJhd\ndj78s1Fxnzo6yUCrV6rrDOkluG+QzCAUTbCwf9SrmMLzK6p+OPHx7DF+bsfMRq7Ec61Av9i6GLw23r\nidnZ+/OO0a99pbIrJkproCQMA17OPG6suq3cca5ruDfXCCDoS7BEdvmJn5otdqscn+uogRHHXs8cbh\nEIfYaDY1AkrC0cqwcZpnM6ludx72x0p7Fo/hZAcpJDjax0UdHavMKAbiKltMWCF3xxh9k25N/Viud8\nba78iCvUkt+V6BpwMlErmcgc502x+u1nSxJSJP9Mi52awD1V4yB/QHONsnU3L+A/zR4VL/indx/y64\ngqcj+qgTeweM86f0Qy1QVbvmWH1D9h+alqg254QD8HJXHvjQaGOqEqC22M54PcftZVKVSQG9jhkv7C\nJyTyDoAJfPdu8v7DRZAxsP/ky9MJ3OL36DJfCFPASC3/aXlfLOOON9vGZZHydGf8LnxYJuuVIbl83y\nAz5n/RPz07E+9+zw2A2ahz4HxHo9Kt79HTMx1Q7ma7zAzHgHqYH0SoZWyTuOLMiHwSfZDAQTn0ajk9\nYQqodnUYjByQZhZak9Wu4gYQsMyEpIOAOQKze8CmEF45KuAHTvIDOfHJNipwoHMuGHBnJElUoDmAyX\nc2Qm/R8Ah/iILCCJOEokGowdhDYc/yoL+vpRGwyVSCWFYZNljkhEirGXsalWcAgOdeAdoXcktF2udb\nqbUhjWyMQxYO01o6KYKOr6iK3fE4MaS+DsvBsGOBaMb0Y6IxADaJhFICaOLmiWTlDAnY1KzDG4ambL\ncWBA8mUzjJsN2KjSaSXGqMCVXYpYkj33mcIApyhQf6YqgeNAmNvuC0t4CsDbSshZJkCS1eNisKqlyG\ncF8G2JeiDX6tO6Mv0SmjCa3MFb0bJaGPMU0X7c8XcpvMaOQmCajwSeY9G0WqbBmKv34DsMIEztU6Y2\nKiDlFdt6jnCSqx7Dmt6XnqSKaFFHNO5+FmODxMCWBEaco77lNDGXBM0ECYB/+s7nKFdwSF5hgXumQe\nEZ7amRg39RHy3zIjyRCykQh8Zo2iviRKyTDn/zx6EefptJj2Cw+Ep2FSc01U5ry4KLPYsTyWnVGnvb\nUpyGlhjBUljyjHhWpf8OFaXwhp9O4T1gU9UeyPPa8A2l0p1kNqPXEVRm1AOs1oAGZU596t6SOR2mcB\nOco1srWtkaVrMUzIErrKri85keKqRQYX9VX0/eAUK1hrSu6HMEX3Qh2sCh0q0D2CtnUqS4hj62sE/z\naDs2Sg7MBS6xnQeooc2R2tC9YrKpEi9pLXfYXp20tDCpSP8rKlrD4axprb9u1Df5hSbz9QU0cRpfgn\nkiIzwKucd0wsEHlLpe5yHXuc6FrNelOl7pY2+11kTWx7VpRu97dXA3DO1vbkhcb4zyvERYajQgAADs\n='
This works perfectly and its all normal text.. how can i get this one. ?
I found what was wrong, For anyone with the same problem.. File upload sends in hex format or raw strings when received. The uploaded file stream needs to be Encoded with 'base64' and stored in mysql. Mysql tries to remove the escape characters when trying to store the raw strings so the stream needs to be encoded.
req.file.stream.read().encode('base64')
when sending the file to the client decode and set the mime type of the content as response.
This solved my issue.