I am new to GraphQL and have built a simple API using express and express-graphql. When I run my server and go to http://localhost:5000/graphql in the browser I see GraphiQL and can make basic queries.
I want to set the HTTP headers of a request however. I believe there should be a HTTP Headers tab next to the Query Variables tab in the screenshot below, but for some reason it is not there.
Any ideas why it is missing or how I then set the HTTP headers of a request to my API?
Related
I am trying to know how to send a GET request url using an authorization token in the header similar as below:
Authorization: Token token="here my personal token"
What have I tried:
In the composer, I have selected GET verb and I have indicated my url.
In the box under URL I have specified the headers, one line by line, and the last one I have specified is the above indicated.
When I click on Execute button I get HTTP 502 error message.
In Postman, another alternative to Fiddler Classic, I specify the authorization token in the header and it works ok.
So what am I doing wrong in Telerik Fiddler Classic?
Postman configuration
Postman Params tab:
Postman Authorization tab:
Postman Headers tab:
Postman 7 hidden header entries:
These hidden entries are postman-specific. I have not introduced them manually. Only first two are checked (enabled), the rest are unchecked (disabled). In case of first hidden header "Cookie", if I remove it and send the request, it is added automatically by Postman again.
And the same in Telerik Fiddler Classic, same request with same params and headers does not work. See below screenshot.
Telerik Fiddler Classic configuration
UPDATE 2021/07/28:
Finally I have solved by changing TLS from 1.0 to 1.2.
Below are the steps I have followed in Fiddler Classic:
Tools/Options/HTTPS
Check "Decrypt HTTP traffic"
Install fiddler certificate
Change TLS1.0 to TLS1.2 in protocols
After doing that, I execute the request and it works perfectly.
Also, I do not know why but once I have done above steps if I go again to Tools/Options/HTTPS and uncheck "Decrypt HTTP traffic" option, the request continue working correctly.
I am trying to use jmeter to Automate graphql API testing. I have done the manual testing with postman. However, since some one suggested i am trying to automate with jmeter. unfortunately i am new to API testing itself and having great difficulties.
As i understand Graphql method only deals with POST, but in my Jmeter it is throwing an error, but when i change it to GET, i get 200 ok response.
Also in the body data i am directly entered the graphQL query is this correct.
In the return response data i don get any information related to my query.
I have added header manager with
Content-type = "Application/json"
Accept-encoding
Authorization
Accept
Connection
My graphql query is
query{cmCases(filters: {caseId:"case-6"})
{
items {
id
}
}
}
In the response i am just receiving meta data.
Looking into HTTP Methods, Headers, and Body chapter of the GraphQL documentation GraphQL supports both GET and POST methods so you can choose whatever you want or whatever you need
Looking into HTTP Headers documentation chapter header values are case-sensitive so you need to change Application/json to application/json in the HTTP Header Manager
Given you can successfully execute request in Postman you should be able to record this request by JMeter's HTTP(S) Test Script Recorder, just configure Postman to use JMeter as the proxy
Starting with upcoming JMeter 5.3.1 or 5.4 you’ll be able to use the GraphQL Http Request.
Until it is released you can try a nightly build:
https://ci.apache.org/projects/jmeter/nightlies/
See:
https://github.com/apache/jmeter/pull/627
I'm not able to figure out why the REST API call works just fine in Postman but not in the GraphQL Playground. If I could see the actual REST call being made by GraphQL, would be helpful to debug the issue.
Firecamp's GraphQL client lets you test the GraphQL as an API call or as a Query way.
Here is the dedicated GraphQL client
Here is REST like GraphQL client
Note: Make sure that you double-check the method and headers while using REST-like GraphQL client. IN most cases method would be post and header should contains Content-Type: application-json / application/graphql
The GraphQL playground allows to send GraphQL queries/mutations to your GraphQL server. You can see the requests that are send using the network tab of a browser dev tools.
For example, if a server is in running at the following address http://localhost:4000/graphql, sending a query/mutation, a XHR request will be sent to it. In the Request Payload of the Headers section there is the query/mutation itself.
In the Response section you can see the returned response.
You can start having a look at the returned response of your query/mutation. Perhaps there is something wrong in the related resolve function in GraphQL.
I am trying to make a script to test REST services using Jmeter.
Till now I was using Chrome’s Advanced REST Client.
My authentication request was GET and it was something like this in Advanced REST:
https://username:password#URL:portnumber
its a GET request
Now when I am using Jmeter. I tried following ways:
I added HTTP Authorization Manager and mentioned Base URL and Username/password inside it.
When I am trying to do a request then its showing me “Unauthorized”
I also tried to login using normal https request but no success.
When accessed manually, a authorization popup window appears and username and password is submitted inside this window.
Please suggest me a way for how to login using Jmeter.
Few suggestions:
Most likely you have mismatch in URL you're trying hit and the one, specified in HTTP Authorization Manager, double check it.
Add View Results Tree listener and make sure that the header like:
Authorization: Basic xxxxxxxxxxxx=
is being sent along with the request and compare it with the one, sent by the real browser.
Try switching "Implementation" of your HTTP Request samplers to HttpClient3.1, the easiest way of doing this is using HTTP Request Defaults
And finally, you can use HTTP Header Manager to send the relevant header, it's name should be Authorization and value Basic and username:password encoded in Base64. There is base64Encode function available via JMeter Plugins.
A CORS POST request (AJAX) made by my client server (running on Apache # port 443) to my REST server (running on Tomcat # port 8443), fails to trigger when tried over HTTPS.
Please note that all the requests function properly without SSL.
I have already set the withCredentials: true options in the request fields. And my Tomcat server also takes care of the appropriate headers :
response.addHeader("Access-Control-Allow-Origin", "https://localhost");
response.addHeader("Access-Control-Allow-Credentials", "true");
response.addHeader("Access-Control-Allow-Headers", "Content-Type");
response.addHeader("Access-Control-Allow-Methods", "OPTIONS, POST");
I also tried using Curl, but the issue persisted over SSL. However, the Tomcat server responds to all my requests when tried directly over Postman/through the browser.
Could someone tell me what I'm missing out here?
I'm assuming this is an issue with the preflight request. There are two types of CORS requests: simple, and not-so-simple.
The simple kind is either a GET or POST with no custom headers whose content type is "text/plain".
The not-so-simple kind is any request using custom headers, utilising request methods other than POST or GET, and using different content body types. These requests will be "preflighted"; that is the browser will make a preflight request on the clients behalf in order to determine whether or not the server will allow this request. The preflight request uses the OPTIONS method. I'm willing to bet if you use something like Firebug to have a look what's going on you'll see something like this in the Net tab: "OPTIONS activity" with a status of "Aborted".
Unfortunately the preflight request doesn't pass the client certificate to the server which is why your request is failing to trigger. You need to disable two way SSL in order to get it working. In Apache you can try changing the SSLVerifyClient to:
SSLVerifyClient optional
I've used this before in order to get my cross domain AJAX calls working over HTTPS.
Good luck.