Following instructions here, the following code appears to return good results on the example sites, but on an actual phishing site (https://www.clicktrackingsall.com/a.php) it returns empty:
const axios = require('axios');
const apikey = '<apikey>';
const req = (uri) => `https://webrisk.googleapis.com/v1/uris:search?key=${apikey}&threatTypes=MALWARE&threatTypes=SOCIAL_ENGINEERING&threatTypes=UNWANTED_SOFTWARE&uri=${encodeURIComponent(uri)}`
const checkUrl = async (url) => {
return axios.get(req(url));
}
// returns threatTypes: [ 'SOCIAL_ENGINEERING' ]
checkUrl('http://testsafebrowsing.appspot.com/s/phishing.html').then(({data}) => console.log(data));
// returns threatTypes: [ 'MALWARE' ]
checkUrl('http://testsafebrowsing.appspot.com/s/malware.html').then(({data}) => console.log(data));
// returns empty result
checkUrl('https://www.clicktrackingsall.com/a.php').then(({data}) => console.log(data));
When navigating to the page with chrome, it does block it.
Using the google transparency report also returns phishing.
Also occurs when using the Safe Browsing api
const axios = require('axios');
const url = 'https://safebrowsing.googleapis.com/v4/threatMatches:find?key=<yourapikey>';
const jsonReq = {
"client": {
"clientId": "<client-id>",
"clientVersion": "<client-version>"
},
"threatInfo": {
"threatTypes": [ "MALWARE", "SOCIAL_ENGINEERING", "UNWANTED_SOFTWARE", "POTENTIALLY_HARMFUL_APPLICATION"],
"platformTypes": ["ANY_PLATFORM"],
"threatEntryTypes": ["URL","EXECUTABLE"],
"threatEntries": [
{"url":"http://testsafebrowsing.appspot.com/s/phishing.html"},
{"url":"http://testsafebrowsing.appspot.com/s/malware.html"},
{"url":"https://www.clicktrackingsall.com/a.php"},
{"url":"http://getnetflix.club/"}
]
}
};
axios.post(url, jsonReq).then(result => {
console.log(JSON.stringify(result.data, null, 2));
})
/* prints:
{
"matches": [
{
"threatType": "SOCIAL_ENGINEERING",
"platformType": "ANY_PLATFORM",
"threat": {
"url": "http://testsafebrowsing.appspot.com/s/phishing.html"
},
"cacheDuration": "300s",
"threatEntryType": "URL"
},
{
"threatType": "MALWARE",
"platformType": "ANY_PLATFORM",
"threat": {
"url": "http://testsafebrowsing.appspot.com/s/malware.html"
},
"cacheDuration": "300s",
"threatEntryType": "URL"
}
]
}*/
Am I doing something wrong?
I got the same result,
it returns empty: {} in CURL
except only their own example, as I tried to change url or threatTypes It return nothing.
curl -X GET \
-H "Authorization: Bearer "$(gcloud auth application-default print-access-token) \
""https://webrisk.googleapis.com/v1/uris:search?threatTypes=MALWARE&uri=http%3A%2F%2Ftestsafebrowsing.appspot.com%2Fs%2Fmalware.html""
Related
i want to make axios request from other axios response. and combine the console.log
i have already try
const data1 = axios.get(`https://website.com/json1respon`).then(({ data }) => {
const data2 = axios
.get(`https://website2.com/${data.data.product}`)
.then(({ data }) => {});
});
console.log(data1, data2);
json response website 1
{
"data": {
"trx_id": "T221129CEVD013700",
"ref_id": "YEPE-780HM434",
"destination": "101216575|2522",
"product": "344",
"status": "Sukses",
"sn": "мυн. яιfqу29. RefId : S221129031615475TPZI",
},
"status": 1
}
json respon website 2
{
"data": {
"res": 75000,
"pbl": 80000
}
}
so i want to combine like this
status : ${data.data.status}
serial : ${data.data.sn}
product : ${data.data.product}
price : ${data.data.pbl}
when i try it separate each other
You may use await and async features for better readability and await callback hell for the future.
try {
const data1 = await axios.get(`https://website.com/json1respon`);
const data2 = await axios.get(`https://website2.com/${data1.data.product}`);
let respt = data2.data.price;
} catch (e) {
// handle error
}
I need to benchmark all my express apis.
I found this package on github. Examples are listed only for one get request.
There are also some other samples for other requests as well.
I want to know should I create a separate script for all the APIs and run them once.
I already have a postman collection for all the APIs. Is there any way I can use that to benchmark them?
If there is any other way to benchmark express APIs, please suggest.
Update
const autocannon = require("autocannon");
const fs = require("fs");
const collection = JSON.parse(fs.readFileSync("./customer-apis-v1.3.2.json", "UTF-8"));
const requests = collection.item;
(async function test() {
for (const request of requests) {
console.log(`Testing ${request.name}`);
for (const item of request.item) {
const result = await autocannon({
title: item.name,
url: item.request.url.raw,
method: item.request.method,
});
autocannon.printResult(result);
}
}
})().catch((error) => console.log(error));
You can export your Postman Collection as JSON.
Right Click on the collection
Click export
Choose Collection type
Click export
The exported file will be a .json file and will look like this:
{
"info": {
"_postman_id": "...",
"name": "...",
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
},
"item": [
{
"name": "name",
"request": {
"method": "GET",
"header": [],
"url": {
"raw": "http://...",
"protocol": "http",
"host": [
...
],
"path": [
...
],
"query": [
{
"key": "...",
"value": "..."
}
]
}
},
"response": []
}
],
"protocolProfileBehavior": {}
}
Then you can use autocannon programatically and read the json file
const autocannon = require("autocannon");
const fs = require("fs");
// read array of items from exported .json file from postman
const requests = JSON.parse(fs.readFileSync("path/to/postman/exported.json", "UTF-8")).items;
async function test() {
for (const item of requests) {
// test request using autocannon, pass the method, body, etc. on the autocannon options
// you might need to manipulate your data in item so you can pass it to autocannon
console.log(`Testing ${item.name}`);
const result = await autocannon({
url: item.request.url.raw,
method: item.request.method,
... // read other options here: https://github.com/mcollina/autocannon#autocannonopts-cb
})
console.log(result);
// or print table
autocannon.printResult(result);
}
}
You can also do it without await
The other way is to use Postman built-in Testing utility
Right click on the collection
Click Edit
Click Tests tab
Write your test script there
Doc about writing test: https://learning.postman.com/docs/writing-scripts/test-scripts/
Doc about monitoring test performance: https://learning.postman.com/docs/designing-and-developing-your-api/monitoring-your-api/intro-monitors/
I am trying to create an app and within the app the user can install a theme, however, I can't seem to work out why the theme is not being created. It keeps pulling the themes already installed on my store to the console, my code doesn't seem to create a theme that would show up on my shopify store.
server.js
router.post('/api/theme', async (ctx) => {
try {
const results = await fetch("https://" + ctx.cookies.get('shopOrigin') + "/admin/themes.json", {
headers: {
'X-Shopify-Access-Token': ctx.cookies.get('accessToken')
},
})
.then(response => response.json())
.then(json => {
console.log("https://" + ctx.cookies.get('shopOrigin') + "/admin/api/2020-01/themes.json", json);
});
ctx.body = {
data: results
};
} catch (err) {
console.log(err)
}
});
frontend .js file
async function getUser() {
var url = `/api/theme`;
var method = 'post';
const theme = {
theme: {
name: "Lemongrass",
src: "https://codeload.github.com/Shopify/skeleton-theme/zip/master"
}
};
const data = JSON.stringify(theme);
fetch(url, { method: method, body: data})
}
In order to create a theme you need a zip archive of the theme you like to create.
The end point should be /admin/api/2020-01/themes.json and the body should be something like this:
{
"theme": {
"name": "Theme name",
"src": "http://themes.shopify.com/theme.zip",
"role": "unpublished"
}
}
Please refer to https://shopify.dev/docs/admin-api/rest/reference/online-store/theme#create-2020-01 for more information.
At the moment from your code I don't see neither the correct POST request, neither the archive file.
I have a Cloudflare (CF) worker that I want to have make a few DNS requests using the CF DNS (https://developers.cloudflare.com/1.1.1.1/dns-over-https/json-format/).
So a pretty basic worker:
/**
* readRequestBody reads in the incoming request body
* Use await readRequestBody(..) in an async function to get the string
* #param {Request} request the incoming request to read from
*/
async function readRequestBody(request) {
const { headers } = request
const contentType = headers.get('content-type')
if (contentType.includes('application/json')) {
const body = await request.json()
return JSON.stringify(body)
}
return ''
}
/**
* Respond to the request
* #param {Request} request
*/
async function handleRequest(request) {
let reqBody = await readRequestBody(request)
var jsonTlds = JSON.parse(reqBody);
const fetchInit = {
method: 'GET',
}
let promises = []
for (const tld of jsonTlds.tlds) {
//Dummy request until I can work out why I am not getting the response of the DNS query
var requestStr = 'https://cloudflare-dns.com/dns-query?ct=application/dns-json&name=example.com&type=A'
let promise = fetch(requestStr, fetchInit)
promises.push(promise)
}
try {
let results = await Promise.all(promises)
return new Response(JSON.stringify(results), {status: 200})
} catch(err) {
return new Response(JSON.stringify(err), {status: 500})
}
}
addEventListener('fetch', event => {
event.respondWith(handleRequest(event.request))
})
I have just hardcoded the DNS query at the moment to:
https://cloudflare-dns.com/dns-query?ct=application/dns-json&name=example.com&type=A
and I would expect that the JSON result I would get is:
{
"Status": 0,
"TC": false,
"RD": true,
"RA": true,
"AD": true,
"CD": false,
"Question": [
{
"name": "example.com.",
"type": 1
}
],
"Answer": [
{
"name": "example.com.",
"type": 1,
"TTL": 9540,
"data": "93.184.216.34"
}
]
}
however instead in results I get what appears to be the outcome of the websocket established as part of the fetch() (assuming I go around the loop once)
[
{
"webSocket": null,
"url": "https://cloudflare-dns.com/dns-query?ct=application/dns-json&name=example.com&type=A",
"redirected": false,
"ok": true,
"headers": {},
"statusText": "OK",
"status": 200,
"bodyUsed": false,
"body": {
"locked": false
}
}
]
So my question is, what am I doing wrong here such that I am not getting the DNS JSON response from the 1.1.1.1 API?
fetch() returns a promise for a Response object, which contains the response status, headers, and the body stream. This object is what you're seeing in your "results". In order to read the response body, you must make further calls.
Try defining a function like this:
async function fetchJsonBody(req, init) {
let response = await fetch(req, init);
if (!response.ok()) {
// Did not return status 200; throw an error.
throw new Error(response.status + " " + response.statusText);
}
// OK, now we can read the body and parse it as JSON.
return await response.json();
}
Now you can change:
let promise = fetch(requestStr, fetchInit)
to:
let promise = fetchJsonBody(requestStr, fetchInit)
I feel like pulling my hair out; this is either super simple and i'm having brain freeze or it is not that simple.
What I want
I am trying to unshorten a shortened URL using firebase, when a user goes to:
myapp.firebaseappurl.com/url/SHORTENEDLINK
SO wont let me add a shortened URL
I would like the output to be:
{
"url": "https://stackoverflow.com/questions/45420989/sphinx-search-how-to-use-an-empty-before-match-and-after-match"
}
What I have tried
firebase.json file:
{
"hosting": {
"public": "public",
"rewrites": [ {
"source": "/url/:item",
"destination": "/url/:item"
} ]
}
}
index.js file:
const functions = require('firebase-functions');
exports.url = functions.https.onRequest((requested, response) => {
var uri = requested.url;
request({
uri: uri,
followRedirect: true
},
function(err, httpResponse) {
if (err) {
return console.error(err);
}
response.send(httpResponse.headers.location || uri);
}
);
});
Result
When I go to myapp.firebaseappurl.com/url/SHORTENEDLINK I get the following:
Error: could not handle the request
You are seeing Error: could not handle the request since there probably was an exception and it timed out.
Check your logs using:
firebase functions:log
Refer docs for more details
Here's how I got URL unshortening to work
const functions = require('firebase-functions');
const admin = require('firebase-admin');
admin.initializeApp(functions.config().firebase);
const http = require('http');
const urlP = require('url');
const unshorten = (url, cb) => {
const _r = http.request(
Object.assign(
{},
urlP.parse(url),
{
method: 'HEAD',
}
),
function(response) {
cb(null, response.headers.location || url);
}
);
_r.on('error', cb);
_r.end();
};
const resolveShortUrl = (uri, cb) => {
unshorten(uri, (err, longUrl) => {
if (longUrl === uri) {
cb(null, longUrl);
} else {
resolveShortUrl(longUrl, cb);
}
});
};
exports.url = functions.https.onRequest((requested, response) => {
var uri = requested.query.url;
resolveShortUrl(uri, (err, url) => {
if (err) {
// handle err
} else {
response.send({ url });
}
});
});
You can follow the hello world example straight away and use the above code as your function.
Above code uses HEAD requests to peek into 'Location` field of the headers and decides if the url can be further unshortened.
This is lighter as HEAD requests ask for no body (thereby avoiding body parsing). Also, no third party lib required!
Also note that the url passed as a query param. So the request would be
http://<your_firebase_server>/url?url=<short_url>
Saves you the trouble of URL re-writes. Plus semantically makes a little more sense.
Did you tried using { source: '/url/**' } syntax?
You can use something like this;
{
"hosting": {
"public": "public",
"rewrites": [ {
"source": "/url/**",
"function": "/url"
}]
}
}
and then you can parse the url from the request.
exports.url = functions.https.onRequest((req, res) => {
// parse the url from the req and redirect to the correct link
});
You should try this in the firebase.json, its worked for me:
"source": "/**",
I also tried "source": "/url/**" but its not worked.
I think your code is fine. What you're doing incorrectly is that you're using Express-js notations in your firebase.json's rewrites node. (the :item part). These don't work in the Firebase Realtime Database.
So, instead of doing that, change your firebase.json to the following :-
{
"hosting": {
"public": "public",
"rewrites": {
"source": "YOUR SHORTENED URL",
"destination": "YOUR ORIGINAL URL"
}
}
}
This is also the advocated approach in the Cloud Functions for Firebase's URL Shortener sample.
First make sure you are receiving the request properly with the shortened url.
const functions = require('firebase-functions');
const express = require('express');
var express_app = express();
express_app.use(body_parser.text({type: ()=>true}));
express_app.all('*', (req, res) => {
console.log(req.path);
res.send(JSON.stringify(req.path));
});
exports.url = functions.https.onRequest(express_app);
Now when you visit myapp.firebaseappurl.com/url/SHORTENEDLINK you should see the SHORTENEDLINK in plain text. When that's working, try the redirect.
const functions = require('firebase-functions');
const express = require('express');
const request = require('request');
var express_app = express();
express_app.use(body_parser.text({type: ()=>true}));
express_app.all('*', (req, res) => {
var url = req.path;
request({
uri: uri,
followRedirect: true
},
function(err, httpResponse) {
if (err) {
return console.error(err);
}
res.send(httpResponse.headers.location || uri);
}
);
});
exports.url = functions.https.onRequest(express_app);
Also it's good practice to npm install with --save so they end up in the packages.json. While firebase copies your node_modules folder, most other SaaS platforms run npm install.