I'm creating a SSL Connection using PyOpenSSL and the trying to make a GET call but i run into :
`'HTTP/1.1 400 Bad Request\r\nDate: Fri, 14 Jul 2017 20:04:51 GMT\r\nServer: Apache/2.4.18 (Ubuntu)\r\nContent-Length: 305\r\nConnection: close\r\nContent-Type: text/html; charset=iso-8859-1\r\n\r\n'
(Pdb) c
.. info: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>400 Bad Request</title>
</head><body>
<h1>Bad Request</h1>
<p>Your browser sent a request that this server could not understand.<br />
</p>
<hr>
<address>Apache/2.4.18 (Ubuntu) Server at ecdhe-server Port 443</address>
</body></html>`
The Code i have is as follows :
1) I create SSL Connection as follows :
client = socket()
if self._proxy:
client.connect((proxy, 8080))
else:
client.connect((host_name, port))
context = Context(self._ssl_version)
if self._ciphers:
context.set_cipher_list(self._ciphers)
ssl_connection = Connection(context, client)
if self._extension=='SNI':
ssl_connection.set_tlsext_host_name(host_name)
ssl_connection.set_connect_state()
ssl_connection.do_handshake()
self._session_ref = ssl_connection.get_session()
self._ssl_connection = ssl_connection
And then call the get() function which is as follows:
def get(self, http_version='1.0'):
#self._ssl_connection.sendall("GET / HTTP/1.1\r\n\r\n")
self._ssl_connection.sendall("GET / HTTP/1.0\r\n\r\n")
response_contents = self._ssl_connection.recv(4096)
return response_contents
I tried all combinations of sendall and send(also i think) but i run into :
.. info: HTTP/1.1 400 Bad Request
Date: Fri, 14 Jul 2017 20:19:13 GMT
Server: Apache/2.4.18 (Ubuntu)
Content-Length: 305
Connection: close
Content-Type: text/html; charset=iso-8859-1
I would appreciate if some one would help out in resolving the issue.
Related
public void testScriptLine() {
//useRelaxedHTTPSValidation();
String base_url = ...;
String url = Props.getProp(base_url) +
NameManagementEndPoints.GET_NAME_LIST;
String bearerToken = Props.getMessage("bearer_token");
Map<String, Object> body = new HashMap<>();
body.put("pageNum", 1);
body.put("pageSize", 10);
given().log().all().
headers(
"Authorization",
"Bearer " + bearerToken,
"Accept",
ContentType.JSON).
contentType(ContentType.JSON).
body(body).
when().
post(url).
then().log().all().
statusCode(200).
body("code", equalTo(0), "msg", equalTo("success"));
}
Trying to use post method, but got below result of 405 error, but this api is working fine with postman. And the get method works both with restassured and postman.
HTTP/1.1 405 Not Allowed
Server: nginx
Date: Fri, 22 Jul 2022 09:44:26 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 166
Connection: keep-alive
<html>
<head>
<title>405 Not Allowed</title>
</head>
<body bgcolor="white">
<center>
<h1>405 Not Allowed</h1>
</center>
<hr/>
<center>nginx</center>
</body>
</html>
Thanks in advance
Below web API returns JSON for the given ID.
http://aws-av-devser/Assigning_ID/api/QidMasters/2
It's working as expected in postman.
but when I try to consume this web API in different projects on the same server. I am getting
404 Not found Error
Below is the code to consume the web API
var uri = "http://aws-av-devser/Assigning_ID/api/QidMasters/2";
var response = await httpClient.GetAsync(uri);
Error Message :
{
StatusCode: 404,
ReasonPhrase: 'Not Found',
Version: 1.1,
Content: System.Net.Http.HttpConnectionResponseContent,
Headers:
{
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 17 Jun 2022 17:59:28 GMT
Connection: close
Content-Type: text/html; charset=us-ascii
Content-Length: 315
}
}
Please correct me if I am missing something
There seems to be no way to handle ServletException caused by URI parsing failures in dropwizard(using version 2.0.18).
curl -i -s -k -X $'GET' $'https://localhost/api/search/query?searchString=%bf'
HTTP/1.1 400 Bad Request
Server: nginx
Date: Thu, 06 May 2021 09:17:06 GMT
Content-Type: text/html;charset=iso-8859-1
Content-Length: 751
Connection: keep-alive
Cache-Control: must-revalidate,no-cache,no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
<title>Error 400 Unable to parse URI query</title>
</head>
<body><h2>HTTP ERROR 400 Unable to parse URI query</h2>
<table>
<tr><th>URI:</th><td>/search/query</td></tr>
<tr><th>STATUS:</th><td>400</td></tr>
<tr><th>MESSAGE:</th><td>Unable to parse URI query</td></tr>
<tr><th>SERVLET:</th><td>jersey</td></tr>
<tr><th>CAUSED BY:</th><td>javax.servlet.ServletException: Filtered request failed.</td></tr>
<tr><th>CAUSED BY:</th><td>org.eclipse.jetty.http.BadMessageException: 400: Unable to parse URI query</td></tr>
<tr><th>CAUSED BY:</th><td>org.eclipse.jetty.util.Utf8Appendable$NotUtf8Exception: Not valid UTF8! byte Bf in state 0</td></tr>
</table>
</body>
</html>
Main concern here is jetty is sending the stacktrace for exception, which can be a security concern.
Tried ExceptionMappers, but it's not working, as i think the exception is thrown from outside the application scope. How can this be avoided?
I am posting an https request to client's API ,testing from Postman API , I am getting proper response, response is in xml structure , however using the conventional way of httpsurlconnection api in java , I am getting response which is trimmed .
Response in Postman :
<data>
<status>02231013757|1518968|Failed</status>
<status>041580082657|1518969|Failed</status>
</data>
Response header in Java :
Server: Apache-Coyote/1.1Set-Cookie:JSESSIONID=68735C46DABA9D068FE1DB1D0FE83454; Path=/awp; Secure Expires: Thu, 01 Jan 1970 00:00:00 GMT Pragma: no-cache Content-Length: 14 Date: Wed, 19 Apr 2017 13:25:26 GMT Content-Type: text/html X-Powered-By: Servlet 2.5; JBoss-5.0/JBossWeb-2.1
Response fetched as String : <data></data>
As you can find the content-length is 14 in response header, so this issue is at client's service end or am I missing something ?
below snippet I am using to read the content :
read = new InputStreamReader(rc.getInputStream() );
StringBuilder sb = new StringBuilder();
int ch = read.read();
while( ch != -1 )
{
sb.append((char)ch);
ch = read.read();
}
resp = sb.toString();
I have a .Net 4.5.2 WebApi 2.2 REST service. Windows 7 machine running IIS 7.5. It doesn't do much but return the current date/time. When hosted in IIS, I get response headers that look like this:
HTTP/1.1 200 OK
Cache-Control: max-age=60
Content-Length: 58
Content-Type: application/json; charset=utf-8
ETag: "c664145c-6923-44b6-b3fb-ff7e50259b44"
Server: Microsoft-IIS/7.5
ApplicationDate: Test with date 4/3/2015 3:18:08 PM
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 03 Apr 2015 19:18:10 GMT
{"messages":[],"result":"All is well 4/3/2015 3:18:07 PM"}
If I call it a second time, I see this:
HTTP/1.1 200 OK
Cache-Control: max-age=60
Content-Length: 58
Content-Type: application/json
ETag: "c664145c-6923-44b6-b3fb-ff7e50259b44"
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 03 Apr 2015 19:27:25 GMT
{"messages":[],"result":"All is well 4/3/2015 3:18:07 PM"}
My custom header (ApplicationDate) is gone, and the time hasn't changed. The key is probably the Cache-Control: max-age=60 in there. I don't know where it's coming from!
If I run it "Self Hosted", same code...I see this:
HTTP/1.1 200 OK
Content-Length: 58
Content-Type: application/json; charset=utf-8
Server: Microsoft-HTTPAPI/2.0
ApplicationDate: Test with date 4/3/2015 3:35:31 PM
Date: Fri, 03 Apr 2015 19:35:31 GMT
{"messages":[],"result":"All is well 4/3/2015 3:35:30 PM"}
Something in the IIS pipeline is setting max-age. (BTW, testing with SoapUI and Fiddler, no browser issues to complicate things)
I have tried disabling the IIS OutputCache module. I verified using FailedReqLogFiles:
OUTPUT_CACHE_LOOKUP_END
Result 4
Result CACHING_DISABLED
When I change the cache-control headers in code, I see the changes in the Self-Hosted version, but something overwrites the headers in the IIS version back to max-age=60.
HTTP/1.1 200 OK
Cache-Control: max-age=60
Pragma: no-cache
Content-Length: 58
Content-Type: application/json; charset=utf-8
ETag: "3ce2e8b6-4891-496e-8bb7-087590239d6b"
Server: Microsoft-IIS/7.5
ApplicationDate: Test with date 4/3/2015 3:49:19 PM
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Fri, 03 Apr 2015 19:49:19 GMT
{"messages":[],"result":"All is well 4/3/2015 3:49:19 PM"}
Here's the controller:
/// <summary>
/// Get "REST" status
/// </summary>
/// <returns></returns>
[ActionName("GetStatusDate")]
[Route("GetStatusDate")]
public HttpResponseMessage GetStatusDate()
{
CommonResponse<string> response = new CommonResponse<string>();
response.Result = "All is well " + DateTime.Now;
HttpResponseMessage responseMessage = Request.CreateResponse(HttpStatusCode.OK, response);
responseMessage.Headers.Add("ApplicationDate", "Test with date " + DateTime.Now);
responseMessage.Headers.Remove("Cache-Control");
responseMessage.Headers.CacheControl = new CacheControlHeaderValue()
{
MaxAge = TimeSpan.FromSeconds(11),
NoCache = true,
Private = true
};
responseMessage.Headers.Add("Pragma","no-cache");
return responseMessage;
}
What is setting max-age?
Thanks,
Sean
So, I should have waited another hour before posting the question....turns out the problem was that the CacheOutputAttribute (OutputCache.V2) was not only set on specific resources, but had been added to the global filter collection. Since it inherits from FilterAttribute, IActionFilter, it worked fine as a global filter. That is why all calls were getting cached. It took ripping the project down to nothing to find the issue.
Sean