Accessing HTTP headers in ISAPI Rewrite 3 - isapi-rewrite

Is there any way to access HTTP headers in ISAPI_Rewrite module? Didn't find anything about it. I know IIS URL Rewrite allows you to access headers as server variables - {HTTP_HEADER_NAME} - is there something similar here?

Uh, nevermind...
Missed a line in a documentation:
HTTP header value with the syntax %{HTTP:header}.
http://www.helicontech.com/isapi_rewrite/doc/RewriteCond.htm

Related

Jmeter Post URL with colon

I have a form action that calls the following url :
https://someurl:jsessionid=0000000
The form works.
When trying to mimic it in Jmeter the http request
if I call that url, the server will return that the url does not exists (because the :jsessionid....)
Is there anyway to mimic a form with this kind of url?
Thanks a lot in advance!.
Based on HTML URL Encoding Reference, colon (:) can be replaced with %3A. So, you can try this in your HTTP Request:
I hope this will work for you.
I think you URL is not correct as colon in URLs can be used only in 2 cases:
As a part of URL scheme, i.e. in the end of http: or https: protocol
As a separator between username and password when basic HTTP authentication is used like http://username:password#server/path
If you passing JSESSIONID as a parameter - semicolon ; should be used so please double check the character. If it something coming from the server - raise an issue as colon is not the right separator. If it is something introduced by you - you need to change the colon to semicolon.Normally you should be using either HTTP URL Re-writing Modifier or HTTP Cookie Manager to correlate the JSESSIONID cookie.

Laravel can't get param header in request with nginx

I'm working on a Laravel project (an API) and I have a problem with a custom param in the request header.
I need to send a token in the request header, so I just add a param api_token in my request.
When I am on my local configured with apache2, I can in Laravel get my header request param with $request->header('api_token'), but when I tr on my server configured with nginx, I always get null
For me, there is a problem with nginx and header request, what can I do ?
Any ideas ? Maybe it's not from nginx...
That's because by default Nginx does not allow header with an underscore. You can simply update your header parameter to api-token:
$request->header('api-token');
Or you can configure your Nginx configuration to allow header with an underscore. Somewhere between your server block, add underscores_in_headers directive like this:
server {
...
underscores_in_headers on;
...
}
Also don't forget to reload your Nginx configuration. Read more about this underscores_in_headers directive here.
Hope this solve your issue.

How to enable CORS on Sonatype Nexus?

I want to develop a Monitoring-WebApp for different things with AngularJS as Frontend. One of the core-elements is showing an overview of Nexus-Artifacts/Repositories.
When I request the REST-API I'm getting following error back:
No 'Access-Control-Allow-Origin' header is present on the requested resource.
Origin 'http://localhost:9090' is therefore not allowed access.
To fix this error, I need to modify the response headers to enable CORS.
It would be great if anyone is familiar with that type of problem and could give me an answer!
The CORS headers are present in the response of the system you are trying to invoke. (Those are checked on the client side [aka browser this case], you can implement a call on your backend to have those calls and there you can ignore those headers, but that could become quite hard to maintain.) To change those you'll need a proxy. So your application will not call the url directly like
fetch("http://localhost:9090/api/sometest")
There are at least two ways: one to add a proxy directly before the sonar server and modify the headers for everyone. I do not really recommend this because of security reasons. :)
The other more maintaneable solution is to go through the local domain of the monitoring web app as follows:
fetch("/proxy/nexus/api/sometest")
To achieve this you need to setup a proxy where your application is running. This could map the different services which you depend on, and modify the headers if necessary.
I do not know which application http server are you going to use, but here are some proxy configuration documentations on the topic:
For Apache HTTPD mod_proxy you could use a configuration similar to this:
ProxyPass "/proxy/nexus/" "http://localhost:9090/"
ProxyPassReverse "/proxy/nexus/" "http://localhost:9090/"
It is maybe necessary to use the cookies as well so you may need to take a look at the following configurations:
ProxyPassReverseCookiePath
ProxyPassReverseCookieDomain
For Nginx location you could employ something as follows
location /proxy/nexus/ {
proxy_pass http://localhost:9090/;
}
For node.js see documentation: https://github.com/nodejitsu/node-http-proxy
module.exports = (req, res, next) => {
proxy.web(req, res, {
target: 'http://localhost:4003/',
buffer: streamify(req.rawBody)
}, next);
};

WP7 - Prevent RestSharp from caching

I use RestSharp in my Windows Phone 7.1 project.
My problem is RestSharp always cache response data.
Example:
At the first time I send request, it returns data correctly. After some delete operations, I send that request again, but response seems the same as the first time, nothing's changed.
If I stop debugging and press F5 to start again, it works perfectly as expected.
I also tried request.AddParameter("cache-control", "no-cache", ParameterType.HttpHeader); and got no luck.
How can I fix this problem?
I have the same issue so just add header that specify not to cache response data
client is my RestClient with base url and than add default header Cache-Control with value no-cache.
client.AddDefaultHeader("Cache-Control", "no-cache")
I found solution in Rico Suter comment, thanks! I will mark this as accepted anwser
its a hack but try something like url = originalUrl + "&nocache=" + DateTime.Now.Ticks
The "Cache-Control" header should do the trick!
I think HTTP Headers are case-insensitive, but the server may not agree with me there! You should try using Cache-Control instead of cache-control...
Also, I would also add the Pragma header with no-cache value to the request (some old servers don't use the "Cache-Control" header, but they will sure recognize this one)!
And I would try to use Fiddler to debug the comms and check that the headers are really being sent to the server as expected!
Another solution can be to set the "If-Modified-Since" header with value of DateTime.Now:
client.AddDefaultParameter("If-Modified-Since", DateTime.Now, ParameterType.HttpHeader);

xhrPost : from an http view to an https url

using Dojo, is it possible to make an Ajax call using xhrPost from an HTTP view to a HTTPS url ?
The url must be HTTPS (as defined in Struts).
If I simply set "MyCommand" as the 'url' parameter of the xhrGet, I get a 302 error code.
If I transform "MyCommand" using javascript to something like "https://......./servlet/MyCommand" I see the following error in Firebug : "uncaught exception: Permission denied to call method XMLHttpRequest.open".
I'm stuck using both approaches, the only solution I found is to remove the "https" clause in the struts configuration file, and of course this is not a correct solution :)
Thanks for any help.
Best regards,
Nils
connection to https from http involves a different port of the target. This violates the same-origin policy which should be enforced by the browser to the running javascript code.
It should work with an iframe..
dojo.io.iframe encapsulates this behaviour for you
http://docs.dojocampus.org/dojo/io/iframe
If your server responds with a redirect to a non-ssl (correctly to same-origin) page you should be able to read the response (because the iframe is now in the same-origin).

Resources