I have browsed through all questions in stackoverflow but I still cannot make my request working. The server (I have no access to it, so I do not know what is going on over there) is always responding with 403.
I was told that I have to use Basic Auth with HTTPS. At first I tried it with PostMan (Chrome add-on) and it worked perfectly. Fiddler says that PostMan has sent this request:
GET https://mypage.com/api/topic HTTP/1.1
Host: mypage.com
Connection: keep-alive
Authorization: Basic asdfasdfasdfasdfasdfasdf
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.99 Safari/537.36
Postman-Token: 7363b868-cc6e-1dff-d5d0-c7a0c1924fa7
Accept: */*
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
Cookie: JSESSIONID=imxY132456123Scai90Nrsv
I wanted to reproduce this in our C# application, but whatever I try I get a 403 answer from the server. This is (one) of the versions in C# I have tried:
NetworkCredential nc = new NetworkCredential(Login, Password);
CredentialCache cc = new CredentialCache();
cc.Add("mypage.com", 443, "Basic", nc);
WebRequest request = WebRequest.Create("https://mypage.com/api/topic");
request.Credentials = cc;
request.PreAuthenticate = true;
request.Method = "GET";
WebResponse response = request.GetResponse();
That is what is sent according to Fiddler:
GET https://mypage.com/api/topic HTTP/1.1
Host: mypage.com
Connection: Keep-Alive
Obviously there are some things missing. I am wondering which ones (like user-agent?) are really essential and I hope you can help me fix the problem.
I could swear that I have already tried setting headers exactly this way. Probably I have been stuck for too long and made a mistake...
So here is my solution:
string auth = Convert.ToBase64String(Encoding.Default.GetBytes(Login + ":" + Password));
HttpWebRequest request = (HttpWebRequest)WebRequest.Create("https://mypage.com/api/topic");
request.Headers.Add("Authorization", "Basic " + auth);
Thank god, it works now.
Related
I have a Web API application that we forward the HttpRequestMessage.Content to other methods that process the request. One of the set of values that is needed is the Headers that are sent as part of the request.
When I look at HttpRequestMessage.Headers.headerStore, I see all the headers sent to the request. But when I look at HttpRequestMessage.Content.Headers.headerStore, I only see a few of default headers.
Why doesn't HttpRequestMessage.Content.headerStore contain all the headers associated with the request?
Request headers and content headers have different purposes.
While request headers carry information about request itself and about client (caller), content headers describe "entity" or its metadata.
Have a look at sample http request:
POST /some/url HTTP/1.1
Host: someHost
User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36
request Accept: application/json, text/plain, */*
headers Accept-Encoding: gzip,deflate
Connection: keep-alive
Referer: url
Content-Type: multipart/form-data; boundary=----------564564546545645
Content-Length: 462560
------------564564546545645
content Content-Disposition: form-data; name="file"; filename="1.png"
headers Content-Type: image/png
.PNG
......................;
------------564564546545645
I need to send a series of get/post requests for an application I'm making (a custom wrapper for an online chat). I completed the site login process and initial chat loading, by loosely simulating requests logged from Telerik Fiddler.
Now I'm having trouble with a different post request, that registers the user as online.
It's a connection to a socket.io server, but I know for a fact it's possible to do without a socket connection, because everything worked fine when I sent my requests with Fiddler's "composer" feature.
Here's the request I'm trying to simulate
POST http://events.********.com/socket.io/1/xhr-polling/vLaINOG3fKixnNs-oTWq?t=1498442322413 HTTP/1.1
Host: events.********.com
Connection: keep-alive
Content-Length: 144
Origin: http://www.********.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
Content-type: text/plain;charset=UTF-8
Accept: */*
Referer: http://www.********.com/home.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.8
5:::{"name":"updateUserStatus","args":[{"status":"online"}]}
Here's how it looks trying to simulate it (ignore the different url, it should work with this)
POST http://events.********.com/socket.io/1/xhr-polling/owR02QZlrwKOwcLjoTW8 HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: events.********.com
Content-Length: 60
Expect: 100-continue
5:::{"name":"updateUserStatus","args":[{"status":"online"}]}
Clearly a lot of stuff missing, but I don't think most of it matters. What I've noticed is that the original request's header has content-type set to "text/plain," and even though I've tried many ways to change the accept and content-type headers to match, it always sends as application/json and results in a 404.image
I feel like I'm missing something really obvious and stupid, but I've been troubleshooting for the past couple hours and can't figure anything out.
Here's the code I'm using for the request (I took out the "text/plain" content-type and other stuff i had before that didnt work so it's somewhat cleaner)
chatreq = (HttpWebRequest)WebRequest.Create("http://events.********.com/socket.io/1/xhr-polling/" + socket);
chatreq.CookieContainer = cookieContainer;
postData = "5:::{\"name\":\"updateUserStatus\",\"args\":[{\"status\":\"online\"}]}";
data = Encoding.ASCII.GetBytes(postData);
chatreq.Method = "POST";
chatreq.ContentType = "application/x-www-form-urlencoded";
chatreq.ContentLength = data.Length;
using (var stream = chatreq.GetRequestStream())
{
stream.Write(data, 0, data.Length);
}
response = (HttpWebResponse)chatreq.GetResponse();
Or, if there's a simple way to send a raw http request, that would be great.
Thanks.
I used Headers.Clear() first, and then set all the headers, and it went through normally.
I ended up using a socket.io library for this project though, since it ended up being a lot easier.
I have the following code that successfully connects to a third party API in C#:
using (var client = new WebClient())
{
client.Credentials = new NetworkCredential(login.Username, login.Password);
var xml = client.DownloadString(url);
Debug.Write(xml);
}
This works fine when connecting directly to the API. However, I'm trying to utilize Azure Traffic Manager to spread the load to multiple endpoints, and I'm getting 401 Unauthorized exceptions when doing this. It appears to work correctly using tools like Postman and configuring Basic Auth in the request.
I tried to convert the code to RestSharp but it appears to have the same symptoms.
Here are the request from Fiddler using a few different techniques:
C#/WebClient directly to API endpoint (Success)
GET <ApiUrl> HTTP/1.1
Host: <ApiHost>
Connection: Keep-Alive
401 Unauthorized
GET <ApiUrl> HTTP/1.1
Authorization: Basic <AuthToken>
Host: <ApiHost>
C#/WebClient to Azure Traffic Manager (401 Unauthorized)
GET <TrafficManagerApiUrl> HTTP/1.1
Host: <TrafficManagerApiHost>
401 Unauthorized
GET <ApiUrl> HTTP/1.1
Host: <ApiHost>
Postman to Azure Traffic Manager (Success)
GET <TrafficManagerApiUrl> HTTP/1.1
Host: <TrafficManagerApiHost>
Connection: keep-alive
Authorization: Basic <AuthToken>
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
Postman-Token: 13396800-33ab-8d7b-664f-68b99e8f4ac1
Accept: */*
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
302 Redirect
GET <ApiUrl> HTTP/1.1
Host: <ApiHost>
Connection: keep-alive
Authorization: Basic <AuthToken>
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36
Postman-Token: 13396800-33ab-8d7b-664f-68b99e8f4ac1
Accept: */*
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
Cookie: JSESSIONID=<jsessionid>
I wasn't properly handling the redirect of the Azure Traffic Manager.
The answer is detailed here:
https://stackoverflow.com/a/28671822/86191
I need to simulate Win Auth http header for HttpClient. It could be something like the following , see the Authorization header :
POST http://url HTTP/1.1
Host: http://127.0.0.1/
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0
Accept: /
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: http://127.0.0.1/
Content-Length: 18
Origin: http://127.0.0.1/
Connection: keep-alive
Authorization: NTLM TlRMTVNTUAADAAAAGAAYAIQAAABuAW4BnAAAAAAAAABYAAAAFgAWAFgAAAA
WABYAbgAAAAAAAAAKAgAABYKIogoAACgAAAAPUOVvBWOMBKcZqtqFzf+fmWQAZwByAHUAZAB6AGkAbgBzA...
Please, give me some examples how to encode domain username & password for that http header, i found only examples for BASIC authentication. But there are windows authentication & NTLM.
Put the domain credentials in the HttpClientHandler.Credentials property and the AuthorizationManager will do the Auth dance for you and fill in the Authorization header as required.
Context:
Hi everyone, i am trying to simulate a query on this website, but i am failing to do so.
I am using C# and a custom self developed library to Wrap the WebRequests actions making it easier to simulate Posts and Gets for Strings and Bitmaps.
Also, i'm using Fiddler2 Web Debugger to debug the web requests of the service
How to test the service Yourself:
Link to the service
Use this document on the first white box : 04034872000121
Write the captcha and click at "Consultar"
Thats it.
Problem:
After Debuging the requests with fiddler, and replicated everything on code (Cookies, Origin, Host, Postdata with a huge json and so on).
The request for the query, still not working, it redirects me to the home page again, instead of querying the document. (I am allowing "AutoRedirect" on web request object).
The only parameter that i'm not beeing able to replicate is the : GxAjaxRequest: 1
Here is the Fiddler debug feedback of the request:
POST http://sefaznet.ac.gov.br/sefazonline/servlet/hpfsincon?0898a16d81a4e94896958b17b52f252d,gx-no-cache=1354713117196 HTTP/1.1
Host: sefaznet.ac.gov.br
Connection: keep-alive
Content-Length: 1337
Origin: http://sefaznet.ac.gov.br
GxAjaxRequest: 1 **Weird Parameter. I've never saw it before.**
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.95 Safari/537.11
Content-Type: application/x-www-form-urlencoded
Accept: */*
Referer: http://sefaznet.ac.gov.br/sefazonline/servlet/hpfsincon
Accept-Encoding: gzip,deflate,sdch
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.6,en;q=0.4
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: GX_SESSION_ID=vSLRLKed3eXJGMBorGepVtQkJOQ1I3o0EBUVzT0g%2BI8%3D; JSESSIONID=af2ba968b7889ec8869caaaba281
vNUMDOC=04034872000121&cfield=chin&BUTTON1=Consultar&BTN_VOLTAR=Retornar&GXState=%7B%22_EventName%22%3A%22E'VISUALIZADADOS'.%22%2C%22_EventGridId%22%3A44%2C%22_EventRowId%22%3Aundefined%2C%22nRC_Duplicados%22%3A%220%22%2C%22CAPTCHA1_Reloadimagetext%22%3A%22Obter%20nova%20imagem!%22%2C%22CAPTCHA1_Validationresult%22%3A1%2C%22GX_FocusControl%22%3A%22vNUMDOC%22%2C%22GX_AJAX_KEY%22%3A%2264FFFF0AFF7A4DFF2655FFFFFF26FF77%22%2C%22AJAX_SECURITY_TOKEN%22%3A%221a9634f566dcd40d12bb8146fd7ff6edca12ae737a3743d79b4b826c3bd4a604%22%2C%22GX_CMP_OBJS%22%3A%7B%7D%2C%22sCallerURL%22%3A%22%2Fsefazonline%2Fservlet%2Fhpfsindado%3FeTlFtl5mBgEOtpLCt8Q02bMjmN3K93hV7i2Uxq_rHv0%3D%22%2C%22GX_RES_PROVIDER%22%3A%22com.genexus.webpanels.GXResourceProvider%22%2C%22GX_THEME%22%3A%22GeneXusX%22%2C%22_MODE%22%3A%22%22%2C%22Mode%22%3A%22%22%2C%22IsModified%22%3A%221%22%2C%22MESSAGE_Width%22%3A%22100%22%2C%22MESSAGE_Height%22%3A%22100%22%2C%22MESSAGE_Show%22%3A%22false%22%2C%22MESSAGE_Title%22%3A%22Title%22%2C%22MESSAGE_Message%22%3A%22This%20is%20the%20message%22%2C%22MESSAGE_Type%22%3A%22alert%22%2C%22MESSAGE_Icon%22%3A%22info%22%2C%22MESSAGE_Cls%22%3A%22%22%2C%22MESSAGE_Position%22%3A%22t%22%2C%22MESSAGE_Duration%22%3A1%2C%22MESSAGE_Visible%22%3A1%2C%22CAPTCHA1_Width%22%3A%22140%22%2C%22CAPTCHA1_Height%22%3A%2239%22%2C%22CAPTCHA1_Visible%22%3A1%7D&
Question:
How do i actually replicate/add this parameter to my webrequest via code ?
Is there any way to do so ?
By the way, the site messes alot with scripts which was hard to "figure out" the origin from most parameters used on the requests.
I hope someone might help me out.
Thanks in advance.
I've figured out.
The problem was that i've had to add a custom header to each request.
webRequest.Headers.Add ("customheadertext and value");
Now fiddler shows correctly my new request, with the added header
POST http://sefaznet.ac.gov.br/sefazonline/servlet/hpfsincon?0898a16d81a4e94896958b17b52f252d,gx-no-cache=1354721123208 HTTP/1.1
GxAjaxRequest: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.107 Safari/535.1
Content-Type: application/x-www-form-urlencoded
Referer: http://sefaznet.ac.gov.br/sefazonline/servlet/hpfsincon
Host: sefaznet.ac.gov.br
Cookie: GX_SESSION_ID=B8w8AQ4W%2FLzLHIpBor3JwJDQAWGy1xRqCYUMnzF14Yk%3D; JSESSIONID=c19564cbebfab1911442fd64a0bb
Content-Length: 1291
Expect: 100-continue
Accept-Encoding: gzip, deflate