I have an API on one of our production manifacturing machines that has no documentation but the machine also has web interface. I open the interface on our internal IP that machine has - https://192.168.55.61/
So when I go to the section where I see the logs from the machines I go to console->network and I see the endpoint request performing:
When I use the URL and cookie in my Postman it works and returns an answer:
The problem is answer's format. Here I am not familiar how I should handle this and if I should put another Header for format. Is it possible to read this as you can see it returns something quite not readable. Also vendor of the machine is not willing to give me API documentation as he is insisting that something like API does not exist on machine (which is obviously a lie).
Is there any change to check something on console->network also to be able to help me to read the format?
EDIT:
Response Headers:
Related
I read documents online. They say that
A GET-Ajax request is used for getting data from the server.
A POST-Ajax request is used for change data on the server.
But why is it?
A Get-Ajax request can change the data on the server TOO, right?
Why should only the POST-Ajax request change the data?
Is it because of a security reason or something? Please explain to me
GET and POST are different methods for web requests that provide different features/describe different intentions for programmers and APIs. You are correct that, technically speaking, if you want to do some other CRUD operation on the server when using a GET request, you can. Most would probably argue that this is not a good idea, in part for security/performance features that either method provides. Example: GET requests can be cached, POST cannot.
More on that here: https://www.w3schools.com/tags/ref_httpmethods.asp
So, I set up a couple Lambdas and the API gateway. I got it all working! Cool, so then the next step was to require an API key. Ok cool plenty of resources out there on how to set it up.
So I got that working as well and I could POST using postman and python (requests). I can provide the 'x-api-key' in the headers of the POST and it works, no issues.
HOWEVER, and here's the problem: The program I'm going to ultimately be using to POST to my gateway API doesn't allow you to edit the details of your POST. The program is called splunk, here's what it looks like. Basically it posts some payload for you, the headers/auth/body can't be edited by you, it just sends some pre-configured thing. You just provide the endpoint and it does the rest. This works if I do not require an API key.
So I started thinking, ok no huge problem, I have seen APIs before where you provide the API-Key in the URL and it authenticates you fine. So this would be something like:
https://exampleAPI/sendmydata?x-api-key=12345
However, I cannot get this to work in AWS for the life of me. I haven't found anything by googling. Is this something that's even possible?
Thank you!
If you must use API key usage plans, you could consider getting the posted API key parameter to API Gateway endpoint A from LambdaA and proxy it with the relevant headers to API Gateway endpoint B.
I am trying to send binary data from my AWS Lambda function as a response to an AWS Gateway GET Method that DOES NOT use Lambda Proxy integration. I have tried all sorts of variations but still can't make it work, although I feel like I am close.
My API Gateway HTTP request is returning:
But what I want is is the actual binary data:
I did attempt using a mapping template, but was unsuccessful due to my lack of understanding the templating syntax/behavior(I tried $util.base64Decode($input.body) but that produced a server error).
But I wasn't sure if that was even necessary since I have the content handling set to Convert to binary.
I ran into this problem but I used a proxy url. Make sure to enable Binary Media Types. Also do not forget to deploy your changes, simply saving is not enough. Also make sure you have the correct content type in the header with client sending the payload.
First I'm not in the web side of our world, so be nice with the backend guy.
A quick background : For a personal need I've developped a google chrome extension. They are basically a webpage loaded in a chrome windows and... yeah that's it. Everything is on the client side (scripts, styles, images, etc...) Only the data are coming from a server through ajax calls. A cron job call a php script every hours to generate two files. One, data.json contains the "latest" datas in a json format. Another one hash.json contain the hash of the data. The client chrome application use local storage. If the remote hash differ from the local one, he simply retrieve the data file from the remote server.
As I have a BizSpark account with Azure my first idea was : Azure Web Site with php for the script, a simple homepage and the generated file and the Azure Scheduler for the jobs.
I've developed everything locally and everything is running fine... but once on the azure plateform I get this error
XMLHttpRequest cannot load http://tso-mc-ws.azurewebsites.net/Core/hash.json. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:23415' is therefore not allowed access.
But what I really can't understand is that I'm able (and you'll be too) to get the file with my browser... So I just don't get it... I've also tried based on some post I've found on SO and other site to manipulate the config, add extra headers, nothing seems to be working...
Any idea ?
But what I really can't understand is that I'm able (and you'll be
too) to get the file with my browser... So I just don't get it
So when you type in http://tso-mc-ws.azurewebsites.net/Core/hash.json in your browser's address bar, it is not a cross-domain request. However when you make an AJAX request from an application which is running in a different domain (http://localhost:23415 in your case), that's a cross-domain request and because CORS is not enabled on your website, you get the error.
As far as enabling CORS is concerned, please take a look at this thread: HTTP OPTIONS request on Azure Websites fails due to CORS. I've never worked with PHP/Azure Websites so I may be wrong with this link but hopefully it should point you in the right direction.
Ok, will perhap's be little troll answer but not my point (I'm .net consultant so... nothing against MS).
I pick a linux azure virtual machine, installed apache and php, configure apache, set some rights and define the header for the CROS and configure a cron in +/- 30minutes... As my goal is to get it running the problem is solved, it's running.
I have an app that I am trying to pull data from a remote database. I have the url and the table columns and database name but i'm not sure how to call on that database with an http get. Below is my code:
def self.data
BubbleWrap::HTTP.get("url", {credentials: {username: '***', password: '***'}}) do |response|
p response.to_s
end
end
I know this request is working because it shows me data in the console.I can't find anywhere how to request information from a database attached that url. Any help would be greatly appreciated. I have been working with Ruby for a year now but new to RubyMotion.
Not sure to understand exactly your question, but you might want to take a look at this link and this one, explaining how to retrieve and handle data from a service.
Hope it helps.
This may be too elementary, but with an HTTP request you are not querying a database, you are requesting data from an HTTP server. It's the job of the server to look your request over, go to the database, retrieve the data, package it (often in JSON format), and ship it back. I believe that's what #railsdog was referring to in terms of marshaling.
Now, a couple of other comments:
"url" in your code should be an actual endpoint like https://my.server.org/api/some_endpoint.json. The payload containing credentials can be attached as a query string, however, you might want to consider POST and SSL, as I say in my next point.
You should never send credentials in clear text over HTTP. If you have to send sensitive information, use HTTPS (set up your server to respond to SSL-encrypted requests).
It's probably best to authenticate once on first request and get a token you can use on subsequent requests so as not to expose usernames and passwords unduly. Perhaps you can fill in a few blanks about what your server is (Rails, some public API, other) and it will make it easier to help.
You will need to accept the data from the server in some recognizable format. JSON is very well supported. BubbleWrap has a JSON parser to help turn the results into a hash. Alternate formats are XML (ick) or XML-RPC (ick, ick), or SOAP (ick, ick, ice).
If you're way ahead of me on this and it's too basic to be of use, I apologize.