I am working with Parse.com REST API where my working environment restricts me from using modified header on GET requests.
For now, the GET request using plain http is served good, and we can login to the parse using url formatted like this:
https://ParseAppID:javascript-key=ParseJSKey#api.parse.com/1/login?username=someName&password=somePass
But we can't check if current session is valid, as with GET request formatted like this:
https://ParseAppID:javascript-key=ParseJSKey#api.parse.com/1/users/me
we received invalid session response
Is there any way to put session token as additional or replacement of javascript-key? Thanks
Related
I am trying to call a Postman GET endpoint, and it is returning HTML and status 200, instead of a valid JSON response and status 200. It looks like it is not hitting the backend at all. I have a separate POST endpoint, which works fine and returns me a valid JSON response.
Could this be due to authorization headers? I am using the same authorization for both.
I managed to resolve the issue. I had to add a cookie header, which I got from the browser since I was able to call the service from the browser and I had authenticated on browser level.
I am trying to automate API testing using Postman. Apart from AuthAPI every other API is decorated with [Authorize] so I need to pass token.
In my collection, the first API is AuthAPI, This API returns the JWT token.
if I run the API in collection runner, I am getting 403 error for all the APIs in the collection.
However, If I do manually copy the token recieved in the AuthAPI resonse & paste in the Authorization header, it returns the desired response.
How do I attach the token received in the response of the AuthAPI in the header of the subsequent request (Postman) when running the API in the Automated way.(via Collection Runner)
Thanks
You can use the environment variable to store the token an use them in the subsequent request. Also, the first request should be Auth API.
Check the postman console for the request details, You might have encountered the issue similar to this thread. Check whether the header has bearer or Authorization in the request details.
use variables inside Postman and Collection Runner
http://blog.getpostman.com/2014/02/20/using-variables-inside-postman-and-collection-runner/
I am trying to log in to a service using Ext.Ajax.request (ExtJS Version 6.2) by sending user id and password. A session cookie .ASPXAUTH is returned back in the response. I want to know about a way to get this cookie value, store it at client side and use it for further Ajax calls.
Assuming that the "cookie" is returned in the Set-Cookie HTTP response header, you don't need any additional steps to set it or "store it at the client side". As for the getting its value part, you can use the Ext.util.Cookies.get("cookieName") method.
I have a web crawler on Heroku and I'm trying to call the script from a POST request on Parse Cloud Code httpRequest but I receive a 403 forbidden response basically telling me the Referer Header didn't pass. How can I get past this?
Django's CSRF protection tests the Referer header: see https://docs.djangoproject.com/es/1.9/ref/csrf/#how-it-works. Browsers typically send that header to indicate the page that originated a request, but programmatic user agents don't (cURL, Python requests, and presumably Parse.Cloud.httpRequest) without being told to do so.
To add custom headers to a Parse request, see: Parse.Cloud.httpRequest call with HTTP request header (note the headers object).
That said, you also need to make sure you have a way to get the CSRF token to begin with, and include it either in a XCSRF-Token header or a form field (unclear from your question whether you are doing that).
I am trying to make a script to test REST services using Jmeter.
Till now I was using Chrome’s Advanced REST Client.
My authentication request was GET and it was something like this in Advanced REST:
https://username:password#URL:portnumber
its a GET request
Now when I am using Jmeter. I tried following ways:
I added HTTP Authorization Manager and mentioned Base URL and Username/password inside it.
When I am trying to do a request then its showing me “Unauthorized”
I also tried to login using normal https request but no success.
When accessed manually, a authorization popup window appears and username and password is submitted inside this window.
Please suggest me a way for how to login using Jmeter.
Few suggestions:
Most likely you have mismatch in URL you're trying hit and the one, specified in HTTP Authorization Manager, double check it.
Add View Results Tree listener and make sure that the header like:
Authorization: Basic xxxxxxxxxxxx=
is being sent along with the request and compare it with the one, sent by the real browser.
Try switching "Implementation" of your HTTP Request samplers to HttpClient3.1, the easiest way of doing this is using HTTP Request Defaults
And finally, you can use HTTP Header Manager to send the relevant header, it's name should be Authorization and value Basic and username:password encoded in Base64. There is base64Encode function available via JMeter Plugins.