We use web queries to retrieve data in Excel for reporting purpose. These Web queries are working correctly in Excel 2007, 2010, 2013 and 2016.
But when used in Mac Excel 2016 it fails.
We perform these web queries using VBA and retrieve data generated by a Spring REST interface.
I already tried using http GET instead of http POST and tried performing the web query via the UI ('Data' -> 'Get External Data' -> 'Run Saved Query' using a .iqy file).
Also error seems not to be content related (tried very simple html; <html><body><table><tr><td>col1</td></tr><tr><td>value1</td></tr></table></body></html>).
When using Wireshark to analyze the traffic, the response of the REST call is correct (http 200 with correct content).
Errors reported using UI import using '.iqy' file: "cannot locate the internet server or proxy server".
Error performing web query using VBA: "Error 1004 Application-defined or Object-defined error".
Does anyone have an idea what can cause this behavior?
Found the reason: Spring MVC (REST) has some default headers it sets. One of them is X-Content-Type-Options: nosniff. The way we generated some of the REST response data, resulted in not setting the Content-Type header.
Mac Excel was not able to determine the content type (because of the X-Content-Type-Options: nosniff option).
This can be solved by either not setting the X-Content-Type-Options header or explicitly set the Content-Type header.
Bonus info: I've used WireMock to simulate REST interface and was able to strip headers one by one exposing the culprit.
Related
We would like to use PUT, PATCH and DELETE methods when building our internal API in Domino, but I can't configure those methods. Server refusing to pass them.
When I used method PUT Domino replied to me:
Error code: 405 | Request method is not allowed by the server
After that I enabled methods via notes.ini
HTTPEnableMethods=GET,POST,PUT,DELETE,HEAD,PATCH
That seems to help a bit but now it says something about URL, but I do not really get what it means.
Error code: 405 | The HTTP method is not allowed for the specified URL
I have made tests on two different setups: with and without internet sites documents enabled in server documents.
Does anybody what I need to do to solve the problem above?
UPDATE
I just noticed a help text on Internet Site for "Methods" field.
GET, HEAD, and POST are the most commonly used methods. OPTIONS and TRACE are useful for debugging. PUT and DELETE should only be enabled if the Web site includes special CGI programs or Java applications that implement them.
Based on that it seems it is not possible to make PUT and DELETE work out of the box.
I started working with the WebDAVSharp.Server library to make it work in a custom project of mine.
The amount of changes I had to do was breathtaking.
I have reached the point of making it work in an acceptable manner for my case, but I still have an issue with Office 2003 opening the files as read only.
I have fixed the non-root problem that I had, and my server responds to the PROPFIND and OPTIONS methods on all the levels of the webdav link, but Office 2003 opens the document as read-only and when trying to save it on the WebDav URL manually, it stops itself from saving the document after my PROPFIND response. And I cannot find why it does that, because I have checked almost everything. Also, newer Office versions (e.g. 2013, 2016) don't have this problem.
Here is the request from MS Word:
And here is the WebDav response:
And here are the response headers:
I am not an expert on WebDav, but it asks for all the properties of the documents and the response gives it just that. What else does it want?
Also, it never sends a LOCK method, so I doubt it is a LOCK problem.
And the request flow is like that:
The unauthorized requests are because it first sends the request without credentials and then it re-tries with credentials.
The first PROPFIND is for the containing folder/collection. I give a proper response to that, signifying it is a folder.
What is weird, is that Office 2003 never seems to issue an OPTIONS request, so I never send the MS-Author-Via header. So, this can be what causes the problem, but what can I do to force it send this request?
Any ideas or hints are welcome. I am sure there are people out there that can find the problem by simply looking at this.
UPDATE:
After seeing this, I added the Win32FileAttributes property and others from the same Microsoft namespace, but I still don't see any improvement in the behavior. This is my new PROPFIND response XML:
But I think I should approach it the other way around: Find out why after the GET method the document is in Read-Only mode.
One thing that I also fixed, is to trust my proxy certificate, which changed the request flow to this:
Servicestack Version: 3.9.71.0
Target Framework: .NET 3.5
Program background: has been in production use for over 3.5 years
Recently due to a customer security audit items were brought to our attention. All but one have been eliminated as IIS configuration changes.
The last item identified describes a situation in which the probing software accessed an endpoint without the proper authentication. This was fine and the expected result was the 403 Forbidden. The unexpected result was that the response body is displaying certain internal information of the server.
Based on quite a few articles I have searched it seams the the response body information being returned is a result of how Servicestack my be configured.
I realize this is a fairly older version of Service Stack. My preference would be to identify an IIS setting to override a forbidden response. Aside from that an option to just return a status code of 403 without the additional information. The third would be to create and use a custom 403 response object to control what is revealed.
Any guidance or help would surely be appreciated.. Thank you in advance.
ServiceStack v3 is a very old version of ServiceStack last updated in 2013. If you need to make any changes you'll need to create a custom build from its Sources
Looking at the v3 sources for how it resolves the ForbiddenHttpHandler:
ForbiddenHttpHandler = config.GetCustomErrorHttpHandler(HttpStatusCode.Forbidden);
It looks like you'll be able to override what HttpHandler is used by overriding the CustomHttpHandlers, e.g:
EndpointHostConfig.Instance.CustomHttpHandlers[HttpStatusCode.Forbidden] = MyHandler {...}
I'm trying to use Excel to connect to a netsuite restlet script to pull information and populate a sheet.
I have tried to connect via "web" and entering the url and adding headers. If I try to add the content-type to be application/json, I get an error that "name":"INVALID_RETURN_DATA_FORMAT","message":"Invalid data format. You should return TEXT"
I saw that I can connect to a JSON file via Excel, or to a webservice, but it doesn't seem to return the json object. Is there something I am doing wrong? I have the authorization and content-type headers, and my url is correct for the external url of the webservice. Is there a better way to do this?
The purpose of this file is to essentially pull down records of a certain type into Excel, allow the user to edit, and then push that information back into Netsuite. The restlet is working well, now I just need to get the Excel portion working properly.
Thanks!
You need to include a Content-Type Header in your request.
Content-Type: application/json
NetSuite looks at this not only to identify the request body format, but also the encoding of the Restlet's response. (It's a bit counter-intuitive, because usually an Accept header is used to tell the server the response content type expected, especially if you are just sending a GET request that doesn't even have a body.. but that's NetSuite..)
For more details see the Help Center topic "Creating a Content-Type Header"
I have been trying to insert a RSS Viewer web part in my SP 2010 site however i receive the error:
ProtocolError occured trying to complete the request. The server returned a status code of : ProxyAuthenticationRequired and the status description is : "Proxy Authentication Required"
This seems to only happen when a feed does not end in ".rss". I have tried external and internal Sharepoint sites and MSDN feeds and they all work fine.
Is there anything i can do to fix this?
Thanks in advance
This is a bit of longshot but permission might be given to have the .rss mime type to be handled by your webserver. Maybe you can have a look there. If there is a handler for the .rss type. Maybe you can copy that for the extension you do want.
See here: http://www.dotnetperls.com/ashx
and here: http://technet.microsoft.com/en-us/library/cc771240%28WS.10%29.aspx
Are you making sure you are sending the correct mime type with your request/response?
Try using wireshark or fiddler to inspect the network traffic. Sometimes there is some negotiating in network packets which can give vital information.