I'm developing a calendar client using CalDAV. I'm trying to create an event on my Google calendar. What's wrong with the PUT request at the end causing Bad request error?
Here's log for my first two successful requests and the Bad! PUT request:
Request options:
OPTIONS https://apidata.googleusercontent.com/caldav/v2/altostratous#gmail.com/events/ HTTP/1.1
Authorization: Bearer ya29.Ci_5AnP1bx1kKPhytjF3axMpsMhqhYppH2RsRhgn64Nnpun8KW3Eb9PV2aT8vlsTyA
Host: apidata.googleusercontent.com
Content-Length: 0
Connection: Keep-Alive
Options response:
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 06 Jun 2016 10:27:23 GMT
Allow: DELETE, GET, HEAD, OPTIONS, PROPFIND, PROPPATCH, PUT, REPORT
Content-Disposition: attachment
DAV: 1, calendar-access, calendar-schedule, calendar-auto-schedule, calendar-proxy
Vary: Origin
Vary: X-Origin
Content-Type: text/plain
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 0
Server: GSE
Alternate-Protocol: 443:quic
Alt-Svc: quic=":443"; ma=2592000; v="34,33,32,31,30,29,28,27,26,25"
Request calendars:
PROPFIND https://apidata.googleusercontent.com/caldav/v2/altostratous#gmail.com/events/ HTTP/1.1
Authorization: Bearer ya29.Ci_5AnP1bx1kKPhytjF3axMpsMhqhYppH2RsRhgn64Nnpun8KW3Eb9PV2aT8vlsTyA
Depth: 0
Host: apidata.googleusercontent.com
Content-Type: text/xml
Content-Length: 103
<options xmlns="DAV:">
<calendar-collection-set xmlns="urn:ietf:params:xml:ns:caldav" />
</options>
Calendars response:
HTTP/1.1 207 Multi-Status
Vary: X-Origin
Content-Type: text/xml; charset=UTF-8
Date: Mon, 06 Jun 2016 10:27:24 GMT
Expires: Mon, 06 Jun 2016 10:27:24 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alternate-Protocol: 443:quic
Alt-Svc: quic=":443"; ma=2592000; v="34,33,32,31,30,29,28,27,26,25"
Accept-Ranges: none
Vary: Origin,Accept-Encoding
Transfer-Encoding: chunked
39d
<?xml version="1.0" encoding="UTF-8"?>
<D:multistatus xmlns:D="DAV:" xmlns:caldav="urn:ietf:params:xml:ns:caldav" xmlns:cs="http://calendarserver.org/ns/" xmlns:ical="http://apple.com/ns/ical/">
<D:response xmlns:carddav="urn:ietf:params:xml:ns:carddav" xmlns:cm="http://cal.me.com/_namespace/" xmlns:md="urn:mobileme:davservices">
<D:href>/caldav/v2/altostratous#gmail.com/events/</D:href>
<D:propstat>
<D:status>HTTP/1.1 200 OK</D:status>
<D:prop>
<D:displayname>altostratous#gmail.com</D:displayname>
<D:getcontenttype>text/calendar; component=vevent</D:getcontenttype>
<cs:getctag>63600884682</cs:getctag>
<ical:calendar-color>#2952A3FF</ical:calendar-color>
<caldav:calendar-description>altostratous#gmail.com</caldav:calendar-description>
<D:resourcetype>
<D:collection/>
<caldav:calendar/>
</D:resourcetype>
</D:prop>
</D:propstat>
</D:response>
</D:multistatus>
0
PUT request:
PUT https://apidata.googleusercontent.com/caldav/v2/altostratous#gmail.com/events/fc4eae83-a429-4cd0-8d1e-4adbf9771969.ics HTTP/1.1
Authorization: Bearer ya29.Ci_5AnP1bx1kKPhytjF3axMpsMhqhYppH2RsRhgn64Nnpun8KW3Eb9PV2aT8vlsTyA
Host: apidata.googleusercontent.com
If-None-Match: *
Content-Type: text/calendar
Content-Length: 283
BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//tracky/iCal//FUBU v1.0//EN
BEGIN:VEVENT
UID:fc4eae83-a429-4cd0-8d1e-4adbf9771969
DESCRIPTION:this is a description
DTSTAMP:20160606T102724Z
LAST-MODIFIED:20160606T102724Z
SEQUENCE:-2147483647
SUMMARY:summary
END:VEVENT
END:VCALENDAR
PUT response:
HTTP/1.1 400 Bad Request
Vary: X-Origin
Content-Type: text/xml; charset=UTF-8
Date: Mon, 06 Jun 2016 10:27:24 GMT
Expires: Mon, 06 Jun 2016 10:27:24 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alternate-Protocol: 443:quic
Alt-Svc: quic=":443"; ma=2592000; v="34,33,32,31,30,29,28,27,26,25"
Accept-Ranges: none
Vary: Origin,Accept-Encoding
Transfer-Encoding: chunked
41
<?xml version="1.0" encoding="UTF-8"?>
<D:error xmlns:D="DAV:"/>
0
Your VEVENT has an invalid SEQUENCE property:
SEQUENCE:-2147483647
That should be 1 if the event is fresh ...
But the primary issue is that it has no DTSTART property and no DTEND (or DURATION) property. What's an event w/o a time ;->
Related
I have a portal page that is stuck on the preloader. In the Inspector, it throws this error:
POST https://####/wp-admin/admin-ajax.php[HTTP/2 500 Internal Server Error 5675ms]
Below that, there is these error messages:
Status: 500 Internal Server Error
Version: HTTP/2
Transferred: 726 B (241 B size)
Referrer Policy: strict-origin-when-cross-origin
RESPONSE HEADERS
access-control-allow-credentials: true
access-control-allow-origin: https://####
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
date: Sun, 30 Oct 2022 08:45:32 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
referrer-policy: strict-origin-when-cross-origin
server: Apache
x-content-type-options: nosniff
X-Firefox-Spdy: h2
x-frame-options: SAMEORIGIN
x-robots-tag: noindex
REQUEST HEADERS
Accept: application/json, text/javascript, */*; q=0.01
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.5
Connection: keep-alive
Content-Length: 1242
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Cookie: wordpress_sec_43463c74c2bcdfa8f63c308437d1e9a2=########.com%7C1668185768%7C3RDSuJIwsueKkV0XMKCFD8aYWn14tchxzW5ygy5ZT2V%7Cc98e394e223dbf6e592589722ee40693641c42b27df660dc8bf0d307d26d1bb8; wordpress_logged_in_43463c74c2bcdfa8f63c308437d1e9a2=rreis%40ejme.com%7C1668185768%7C3RDSuJIwsueKkV0XMKCFD8aYWn14tchxzW5ygy5ZT2V%7Caa83aa2070723dd4047efdf67a1d3681a827359dfac09e97fe3ebf5156f6c343; wp-settings-175=editor%3Dtinymce; wp-settings-time-175=1666975646; wpc_key=BcD%26y9QHSMt%21mygJDcMm; PHPSESSID=ac2505ebc1aa49f5748064cb9bbfc233; sc_is_visitor_unique=rx11212407.1667119532.8D619E70C6CF4F2F03D9DB342E78DFB3.2.2.2.2.2.2.2.1.1
Host: www.####.co.uk
Origin: https://www.####.co.uk
Referer: https://www.####.co.uk/portal/portal-hub/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:106.0) Gecko/20100101 Firefox/106.0
X-Requested-With: XMLHttpRequest
Can anybody tell what is throwing the error? And is this why the page wont load?
Thanks
Trying to set up local dev environment. Task is to enable cross-site cookie to be set in browser. I intentionally disabled recent Samesite settings in Firefox:
network.cookie.sameSite.laxByDefault : false
network.cookie.sameSite.noneRequiresSecure : false
HTTP Response looks following:
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Tue, 25 Jan 2022 21:30:08 GMT
content-type: application/json; charset=utf-8
content-length: 109
content-security-policy: default-src http://127.0.0.1 'self' 'unsafe-inline';style-src http://127.0.0.1 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com; script-src http://127.0.0.1 'self' 'unsafe-inline';font-src http://127.0.0.1 'self' data: blob: 'unsafe-inline' https://cdnjs.cloudflare.com https://maxcdn.bootstrapcdn.com
x-dns-prefetch-control: off
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
access-control-allow-origin: http://127.0.0.1
access-control-allow-credentials: true
access-control-allow-methods: GET,PUT,PATCH,POST,DELETE
access-control-expose-headers: Content-Length
access-control-max-age: 3600
access-control-allow-headers: Origin, Content-Type, X-Requested-With
set-cookie: access_token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6ImhlbWlkaXQ2NTdAZHVrZW9vLmNvbSIsImZpcnN0TmFtZSI6IkpheSIsImxhc3ROYW1lIjoiT2tvY2hhIiwiaWF0IjoxNjQzMTQ2MjA4LCJleHAiOjE2NDU3MzgyMDh9.Mbl3uy6OelZd9lRUoUzz3q_8nuaOZ-tvAGIgQ3NX3qQ; Path=/; HttpOnly
etag: W/"6d-8J7FkpDLio+d8AurKXy9hZmOwMg"
X-Firefox-Spdy: h2
Cookie is not set. Any ideas would help.
I am facing some weird problem while replaying my recorded script. I have correlated everything and for rest of the steps the CSRF token is working fine but for the below step its giving error for me.
The recorded script is:
web_add_header("X-CSRF-TOKEN",
"1f285aef-f9b1-4709-a76b-6789e785ca8a");
web_add_header("X-Requested-With",
"XMLHttpRequest");
lr_think_time(33);
web_custom_request("saveScheduleAcademyMapping",
"URL=http://localhost:8080/ams/saveScheduleAcademyMapping",
"Method=POST",
"Resource=0",
"RecContentType=application/json",
"Referer=http://localhost:8080/ams/manage_academy?scheduleInstanceId={scheduleID}",
"Snapshot=t1553.inf",
"Mode=HTTP",
"EncType=application/json; charset=UTF-8",
"Body=[{JSON values]",
LAST);
Below are the request and response while recording and replaying the script
For Recording
Request:
POST /ams/saveScheduleAcademyMapping HTTP/1.1
Host: localhost:8080
Connection: keep-alive
Content-Length: 791
Accept: */*
Origin: http://localhost:8080
X-CSRF-TOKEN: 1f285aef-f9b1-4709-a76b-6789e785ca8a
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Content-Type: application/json; charset=UTF-8
Referer: http://localhost:8080/ams/manage_academy?scheduleInstanceId=230044
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: JSESSIONID=B9C8BB02040E49246E1C7BA4CC16F6CF
[{JSON VALUE}]
Response:
HTTP/1.1 200
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
X-Application-Context: application:dev
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Wed, 25 Apr 2018 12:09:17 GMT
[{JSON VALUE}]
For Replay:
Request:
POST /ams/saveScheduleAcademyMapping HTTP/1.1
Content-Type: application/json; charset=UTF-8
Referer: http://localhost:8080/ams/manage_academy?scheduleInstanceId=230046
Origin: http://localhost:8080
X-CSRF-TOKEN: 1f285aef-f9b1-4709-a76b-6789e785ca8a
X-Requested-With: XMLHttpRequest
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Accept: */*
Connection: Keep-Alive
Host: localhost:8080
Cookie: JSESSIONID=E61AF0BA93B173F3D597244508FE11DD
Content-Length: 791
[{JSON VALUE}]
Response:
HTTP/1.1 403
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Wed, 25 Apr 2018 12:25:05 GMT
{"timestamp":"2018-04-25T12:25:05.690+0000","status":403,"error":"Forbidden","message":"Invalid CSRF Token '1f285aef-f9b1-4709-a76b-6789e785ca8a' was found on the request parameter '_csrf' or header 'X-CSRF-TOKEN'.","path":"/ams/saveScheduleAcademyMapping"}
Can anyone help me with this.
Its weird to answer my question itself but need to close it hence postintg it.
Just correlated one more time and added the lines in script like below and its working now. using web_reg_save_param_ex() function fetched the CSRF and used it.
web_add_header("X-CSRF-TOKEN",
"{CSRF}");
web_add_header("X-Requested-With",
"XMLHttpRequest");
My nginx is returning the following response:
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Aug 2017 12:52:34 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=btj7eq897r10tl7br5pf97ttd4; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
I have no idea where does Expires and Cache-Control are being set, I checked the site's config on nginx and its not there...any ideas?
OK that is set by PHP so it's fine:
https://andidittrich.de/2015/09/php-worry-about-some-magical-added-cache-control-header.html
I am trying to do a simple simple curl to a Laravel (5.2) app running on my machine:
curl -H "User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:7.0.1) Gecko/20100101 Firefox/7.0.1" http://192.168.1.65:8000/pt
With this result:
The request header:
* Trying 192.168.1.65...
* Connected to 192.168.1.65 (192.168.1.65) port 8000 (#0)
> GET /pt HTTP/1.1
> Host: 192.168.1.65:8000
> Accept: */*
> User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:7.0.1) Gecko/20100101 Firefox/7.0.1
The response header and body:
< HTTP/1.1 302 Found
< Host: 192.168.1.65:8000
< Connection: close
< X-Powered-By: PHP/7.0.8-0ubuntu0.16.04.2
< Set-Cookie: lang=pt; expires=Fri, 04-Nov-2016 08:53:50 GMT; Max-Age=2592000; path=/
< Cache-Control: no-cache
< Location: http://192.168.1.65:8000/pt
< Content-Type: text/html; charset=UTF-8
< Date: Wed, 05 Oct 2016 08:53:50 GMT
< Set-Cookie: XSRF-TOKEN=eyJpdiI6IjNReFJiRFpYOG5USEgzaVZ4YWQ5OXc9PSIsInZhbHVlIjoiblBFU0FqRjJ3WFMyajJHZnBlUEMzT2lXK2ZDaGpTVDJnQnZZSXdSNUhTUHQ2QmxjcUZGUDFOUit0NzFKeUxMY28zaUl0VlVBNGtUMUJmYnlxWisrT3c9PSIsIm1hYyI6IjZjZmFlZTcwNGMxOTE1OGM2NjE1ZWM5OWViZjEzMjZmYzIwZTljNWMwYWY1ZmQzZGI3Y2FjZDdiM2Q4Y2IxMmQifQ%3D%3D; expires=Wed, 05-Oct-2016 10:53:50 GMT; Max-Age=7200; path=/
< Set-Cookie: laravel_session=eyJpdiI6IjJ5MTMwYXBpVDlqRTZ6U2NmNjBWb3c9PSIsInZhbHVlIjoiTm10QklTZTAydURkeU1kSm9Eam1UaGg1RlpvQWpncTBJTmRSd2poT01ORVRUa2l3MzNSSjJZTStPMWpGTVdYQ0JFRkt3M2ZUd3NRYVNTS3JLQkpLckE9PSIsIm1hYyI6IjM5MmQ2YzEzNDYwM2M5YTc1MzI0ODZmMjBiYWZiNmYyM2Q4NzE0ZTEyOWE3NWUzZjRjMGIxMGFjMGVjZDgzNGIifQ%3D%3D; expires=Wed, 05-Oct-2016 10:53:50 GMT; Max-Age=7200; path=/; HttpOnly
<
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8" />
<meta http-equiv="refresh" content="1;url=http://192.168.1.65:8000/pt" />
<title>Redirecting to http://192.168.1.65:8000/pt</title>
</head>
<body>
Redirecting to http://192.168.1.65:8000/pt.
</body>
* Closing connection 0
I find this really weird since if i use the lib requests from python 3.x:
import requests
headers = {'User-Agent' : 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:7.0.1) Gecko/20100101 Firefox/7.0.1'}
req = requests.get('http://192.168.1.65:8000/pt', headers=headers)
print(req.text)
The response is all html from the page (this is what is supose to happen)
PS: I also used the -L flag with me curl so it can fallow redirects but it appears to end up in an infinite loop (curl: (47) Maximum (50) redirects followed)
Why is this hapening? How to solve it?
You are setting a cookie, and if that cookie is not present, you redirect the user with a 302 Found, setting the cookie, to the same page. Specifically, you're checking for the lang cookie.
While Python requests (apparently) retains cookies when redirecting, curl doesn't do this by default. You can enable this by adding a cookie jar (a file where cookies are stored, -c cookies.txt) or setting the cookie manually (-b lang=pt).
For example:
$ curl -c cookies.txt -A 'Mozilla/5.0 (X11; Linux x86_64; rv:49.0) Gecko/20100101 Firefox/49.0' -LI lemos.migueldvl.com/pt
HTTP/1.1 301 Moved Permanently
Date: Wed, 05 Oct 2016 09:18:45 GMT
Server: Apache
X-Powered-By: PHP/5.6.26
Cache-Control: no-cache
Set-Cookie: XSRF-TOKEN=eyJpdiI6IjJtcHVwUlwvbzJSUlhublVzSCtPVk5BPT0iLCJ2YWx1ZSI6ImlKMEcrQkZDOGlLKzdoUStVUkNLaXBKaDl3N0RvVjBsY1NVMHMrK3hZRCs5ekRzVTg3ZTdUU1J1WHNMb3JUZ1FCWDNrRHRVOGFjdzhsY0JidzQzZEJRPT0iLCJtYWMiOiJjMDhmZmY1OGQxMGY2YWI0YmJkY2M1MzlhYWMyNzNhOTA5YjMwNThjZjM5MTBhOGJhNjJjOWYzZWVlNDY0MGQ0In0%3D; expires=Wed, 05-Oct-2016 11:18:45 GMT; Max-Age=7200; path=/
Set-Cookie: laravel_session=eyJpdiI6Ik96cjBZRUJnT0daV0lyU3RLYlk2Nmc9PSIsInZhbHVlIjoidW5YMHYybUdMUktLSml0VVwvZWYxSFFTUkVKdEh3WHJQeFlNQmVYZG5aYXNhZyszQWNvY3loN09PWG1TNUJoY0RsMkRFZ0RYZE9XaXRvM1prNzNRKzRnPT0iLCJtYWMiOiI0OTVjYWRiOGIyOGNkZjM1YmFjMDczNTlmMzI4NTI5OWQ3NmZjNDhjZWFlZjQ2MDI3ZWIxZmMzZDVkNzI1ZGQ5In0%3D; expires=Wed, 05-Oct-2016 11:18:45 GMT; Max-Age=7200; path=/; httponly
Location: http://www.lemos.migueldvl.com/pt
Cache-Control: max-age=2592000
Expires: Fri, 04 Nov 2016 09:18:45 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
HTTP/1.1 302 Found
Date: Wed, 05 Oct 2016 09:18:45 GMT
Server: Apache
X-Powered-By: PHP/5.6.26
Cache-Control: no-cache
Set-Cookie: lang=pt; expires=Fri, 04-Nov-2016 09:18:46 GMT; Max-Age=2592000; path=/
Set-Cookie: XSRF-TOKEN=eyJpdiI6InRkMFwvaFpYUENiNjdIbVRPTStuR25BPT0iLCJ2YWx1ZSI6IkZ1V2MwMk41aVYzMWVuNHBEb1JlRks0TCtmNzdxbTJIWGJYNWFldDZZXC93UlRZZmxyK3YxVmJqcDZsQm9pdFhmKzhQa0tUcXY3d0VTR2lQOW1rc1E0Zz09IiwibWFjIjoiZjcyZmI5MGJhNjk0N2Q5ZWQzM2Y4NGExNmIzNmJiNDY1NzI2NzhmMzMzZDJkMGZhMDFkMjRjMmI4M2JiNDMyMCJ9; expires=Wed, 05-Oct-2016 11:18:46 GMT; Max-Age=7200; path=/
Set-Cookie: laravel_session=eyJpdiI6IjllMDl4cjZPbEpYcWF3VktLOFVCWWc9PSIsInZhbHVlIjoiTFkrMzBMR1ZuV01aMEplMUY5M001T1wvdzZJSWIxVTZDbmdhWVwvRWp4U3pyUUZraUZhZEp1TnR2QzI0TGY0XC9JakZZbnFuNDNtdzc1eTY4c0lYVEpwYkE9PSIsIm1hYyI6Ijc3ODg5NDcyOWIyOGEzYjc4ZmNmYzExYjAyNjY0ZTg1ZmM2YjFjM2FjZDNmODBlN2EyZjJlOTQ3MmZiM2M1YmMifQ%3D%3D; expires=Wed, 05-Oct-2016 11:18:46 GMT; Max-Age=7200; path=/; httponly
Location: http://www.lemos.migueldvl.com/pt
Cache-Control: max-age=2592000
Expires: Fri, 04 Nov 2016 09:18:45 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2016 09:18:46 GMT
Server: Apache
X-Powered-By: PHP/5.6.26
Cache-Control: no-cache
Set-Cookie: XSRF-TOKEN=eyJpdiI6ImppeXFEaFdWa3NXZlM3cG5iK3Jid0E9PSIsInZhbHVlIjoiT2pGcjFyTnN2ZStIU2tvcW53MmtKdUpudkFIOXNBT1FNQTdLbUlvbVZGbHplYnlzWHJiWW16RXVZRk0rc241Qjcwcm5RVGZTSmdOS0l0cWdDT0x1aUE9PSIsIm1hYyI6IjM0YjhlYzIyMjcwOGUzNzZkOTU5YTk2Yzc4MGI5ODNlMTkyM2QxNjg2NGUzOGVmOTM0NWFlNTNjNWNlZDg3ODMifQ%3D%3D; expires=Wed, 05-Oct-2016 11:18:46 GMT; Max-Age=7200; path=/
Set-Cookie: laravel_session=eyJpdiI6Ikt4cU5KUm9qNVhKZUxHb2dqOVlDNXc9PSIsInZhbHVlIjoiVlpZdkM5eTYzRFRGcGFaS2lOd3NsYzdsM1Y0MGt5QWlXS25WVzFJZ0k2TzlYZCtUdXZCQTVTNHpoOFNyMjdiV2pNNTFUQ1dMbGt6XC9YR1wvK2FLV2s1QT09IiwibWFjIjoiOTg2ZDMyNzMyODBiODZmMWM2ZTU2NWZlODc3ZmRkNjdiNTA4Yzg2ZDFmZTg0YmJhMzdjMTJiMDVjMWZjNTkwOCJ9; expires=Wed, 05-Oct-2016 11:18:46 GMT; Max-Age=7200; path=/; httponly
Cache-Control: max-age=2592000
Expires: Fri, 04 Nov 2016 09:18:46 GMT
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8