When I make a HEAD request for a URL with curl -I I get a 403 error:
HTTP/2 403
content-type: application/xml
date: Wed, 22 Aug 2018 15:50:29 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 bfda628fa09b80e042e2c85c85acf1c7.cloudfront.net (CloudFront)
x-amz-cf-id: ryZHGZJ1cKbIa-n1Oxznge9MYl7C2-btqva9W0wQTvooVd6vzAaktw==
When I make the full request with just curl it works fine. I've verified that the behavior is set up with Allowed HTTP Methods GET and HEAD. What am I missing?
Related
We have a vendor who sends us photos that are hosted on Azure Edge. These photos are available and I can download them, but if we do a CURL request we get a 404 roughly 4 out of 5 times. If we do a HEAD request to get the filesize, we get a 404 about 7 out of 10 times. On our production server, we get a 404 100% of the time. Any idea how we might work around this or if there's another way to check these files without the vendor having to fix their issue?
Sample file:
curl -I http://tdrvehicles2.azureedge.net/photos/202008/1419/1850/f253435f-86b1-4cc4-b95c-7756addddad4.jpg
HTTP/1.1 404 Not Found
Pragma: no-cache
Content-Length: 0
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Cache-Control: max-age=31536000
Expires: Thu, 19 Aug 2021 14:12:54 GMT
Date: Wed, 19 Aug 2020 14:12:54 GMT
Connection: keep-alive```
everyone!
I've got a problem with receiving data for request like "/events" (as described in https://asana.com/developers/api-reference/events). I sent GET request to https:/ /app.asana.com:443/api/1.0/events/ and got error 400 (bad request). For further information please see folowing details (token has been obfuscated)
Request:
GET /api/1.0/events/ HTTP/1.1
Authorization: Bearer 0/00000000000000000000000000000000
Host: app.asana.com
Response:
HTTP/1.1 400 Bad Request
Server: nginx
Date: Mon, 01 Feb 2016 10:01:43 GMT
Content-Type: application/json; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Asana-Content-String-Length: 215
Pragma: no-cache
Set-Cookie: TooBusyRedirectCount=0
Cache-Control: no-store
X-Asana-Preferred-Release-Revision: 20160130_055457_72a36bb0a264503a3e39ecea630b93bfff45340f
X-Robots-Tag: none
Response body:
d7
{"errors":[{"message":"resource: Missing input","help":"For more information on API status codes and how to handle them, read the docs on errors: https://asana.com/developers/documentation/getting-started/errors"}]}
Could you please advice me a solution to solve the issue?
According to the error message, you are missing the resource input.
Please consult https://asana.com/developers/api-reference/events to see how to use this feature.
So, I have to get http://www.rssweather.com/wx/in/kanpur/wx.php with using netcat.
My code goes like this.
nc -v rssweather.com 80
GET http://www.rssweather.com/wx/in/kanpur/wx.php HTTP/1.0
GET http://www.rssweather.com/wx/in/kanpur/wx.php HTTP/1.1
Connection: close
And, the result-
HTTP/1.1 403 Forbidden
Date: Thu, 03 Sep 2015 12:41:08 GMT
Server: Apache
Connection: close
Content-Type: text/html
charset=iso-8859-1
You don't have permission to access /wx/in/kanpur/wx.php
on this server.
Is there any way to overcome this Forbidden 403 error? What am I doing wrong?
You've already connected to the webserver at rssweather.com so you must not specify the full URL in the GET request, just the path:
nc -v rssweather.com 80
GET /wx/in/kanpur/wx.php HTTP/1.0
<blank line with return>
I have a prototype WinForms application that uses open-source DocuSign.Integrations.Client library. It was working correctly until a couple of days ago. Now every attempt to login results in HTTP 406 error. No code has changed on my side, and my user name and password are valid (verified on https://appdemo.docusign.com). Any help is appreciated!
Below is the raw request with masked credentials:
GET http://demo.docusign.net/restapi/v2/login_information?api_password=true&include_account_id_guid=true
HTTP/1.1 Accept: application/json
Content-Type: application/json
X-DocuSign-Authentication: <DocuSignCredentials><Username>______</Username><Password>______</Password><IntegratorKey>____-________-___-___-___-____________</IntegratorKey></DocuSignCredentials>
Host: demo.docusign.net
Connection: Keep-Alive
In response, I get a 302 redirect:
HTTP/1.1 302 Found
Cache-Control: no-cache
Content-length: 0
Location: https://demo.docusign.net
Connection: close
And then receive a 406 error:
HTTP/1.1 406 Not Acceptable
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 09 May 2015 19:16:52 GMT
Content-Length: 1346
Connection: close
This is incorrect:
http://demo.docusign.net/restapi/v2/login_information?
api_password=true&include_account_id_guid=true
It should use HTTPS, not HTTP in your GET URL call:
https://demo.docusign.net/restapi/v2/login_information?
api_password=true&include_account_id_guid=true
Also your error is actually describes what is wrong
HTTP/1.1 406 Not Acceptable
Your request headers should be this:
Accept: application/json
Content-Type: application/json
X-DocuSign-Authentication: <DocuSignCredentials><Username>______</Username><Password>______</Password><IntegratorKey>____-________-___-___-___-____________</IntegratorKey></DocuSignCredentials>
I wrote followed command to send POST with JSON data to server. The server must redirect my request and send GET with the same data:
curl -L -i -XPOST \
-d 'id=105' \
-d 'json={"orderBy":0,"maxResults":50}' http://mysite.com/ctlClient/
I get response:
HTTP/1.1 302 Found
Date: Thu, 04 Jul 2013 13:12:08 GMT
Server: Apache
X-Powered-By: PHP/5.3.19
Set-Cookie: PHPSESSID=1hn0g8d7gtfl4nghjvab63btmk2; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
location: http://mysite.com/fwf/online/
Content-Length: 0
Connection: close
Content-Type: text/html
HTTP/1.1 200 OK
Date: Thu, 04 Jul 2013 13:12:08 GMT
Server: Apache
X-Powered-By: PHP/5.3.19
Set-Cookie: PHPSESSID=16akc7kdcoet71ipjflk9o9cnm5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 1
Connection: close
Content-Type: text/html
From access-log I see:
"POST /ctlClient/ HTTP/1.1" 302 - "-" "Apache-HttpClient/4.1 (java 1.5)"
"GET /fwf/online/ HTTP/1.1" 200 1 "-" "Apache-HttpClient/4.1 (java 1.5)"
So far so good,
The problem is that GET doesn't receives my data added to post. Sounds like during redirect my data dismissed somehow. From Android client it works, therefore its not Server side problem.
What I need to do to pass POST data to GET request?
Thank you very much,
[EDIT]
#nif offerd to upgrade CURL, i did , to 7.28.0.
Still get the same problem
[INFO]
1st time i go to http://mysite.com/ctlClient/index.php where:
case 105: // id=105
session_unset();
session_start();
foreach($_POST as $key => $value){$_SESSION[$key] = $value;}
ctlGotoSameDomain("/fwf/online/"); // <- aka redirect
return true;
after redirect i go to /fwf/online/index.php and there my request is empty:
public function __construct() {
$this->json = isset($_SESSION['json']) ? $_SESSION['json'] : null;
msqLogFile("fwf/post", Array('post' => 'Request: '.$this->json));
}
http://mysite.com/ctlClient/index.php get 2 parameters properly: id and json
From curl's manpage:
When curl follows a redirect and the request is not a plain GET (for example POST or PUT), it will do the following request with a GET if the HTTP response was 301, 302, or 303. If the response code was any other 3xx code, curl will re-send the following request using the same unmodified method.
Edit
I did some research and found out, that it might be a problem with your curl version. Newer version will honour the -XPOST option and will POST to the redirected location as well. But older versions had an own option for this, i.e. --post301 and --post302. According to their manpage:
--post301
Tells curl to respect RFC 2616/10.3.2 and not convert POST requests into GET
requests when following a 301 redirection. The non-RFC behaviour is ubiquitous
in web browsers, so curl does the conversion by default to maintain
consistency. However, a server may require a POST to remain a POST after such
a redirection. This option is meaningful only when using -L, --location
(Added in 7.17.1)
--post302
Tells curl to respect RFC 2616/10.3.2 and not convert POST requests into GET
requests when following a 302 redirection. The non-RFC behaviour is ubiquitous
in web browsers, so curl does the conversion by default to maintain
consistency. However, a server may require a POST to remain a POST after such
a redirection. This option is meaningful only when using -L, --location
(Added in 7.19.1)
References:
Following redirects with curl
HTTP RFC
I need to add -b to my script to enable the cookies. CURL by default doesn't use them and this issue caused to session ID change. Therefore no data transferred.
curl -b -L -i -X POST \
-d 'id=105' \
-d 'json={"orderBy":0,"maxResults":50}' http://mysite.com/ctlClient/
Now its working