I have PHP API which accepting $_GET data.
For Example MY URL is
https://example.com/api.php?email=abc#example.com&fname=MyName
one of my client is posting data and its working fine but when he have fname with white space like My Name,
https://example.com/api.php?email=abc#example.com&fname=My Name
its causing 400 BAD Request error.
I have asked him to use URL encode when sending data and problem got solved but he was not agree to use URL encoding and was asking me to fix issue in MY API and in MY SERVER.
As I know, We can not handle such case by Changing MY Api code or by SERVER.
My Question is its possible that if He send data without encoding and
I can fix it From PHP API or using Server and so he can not get 400
BAD request?
Thanks!
Related
My API written in PHP returns JSON in an api used by a phone.
Depending on certain paramaters, the PHP file either returns the JSON itself or redirects to a different PHP file that returns similar JSON.
In a browser, the JSON returned directly from the starting file looks identical in form to the JSON returned after the redirect. However, the phone is not getting any JSON at all if there is a redirect.
This doesn't make sense to me but it's what I'm seeing. Is it possible for a redirect to mess up a JSON response?
For the record, here is what the JSON looks like in the browser:
{"comment":[{"response":"Hello World"}]}
Edit:
Apparently, redirects in restful APIs are somewhat frowned upon but possible, however, do you have to do something with a status code? This is unfamiliar territory for me.
JSON response redirect
Thanks for any ideas.
You can do redirects using 307 temporary and 308 permanently codes as stated in the IETF draft https://tools.ietf.org/id/draft-hunt-http-rest-redirect-00.html#rfc.section.2.1
Redirection is not the right tool in your case.
As I understand you‘re trying to delegate different endpoints to different files. You should have a look at request routing which happens server side, the client should not have to deal with this.
https://link.medium.com/Sdp3DyXTHX
https://symfony.com/doc/current/components/routing.html
https://www.php-fig.org/psr/psr-7/
I have searched the internet for this answer. I am giving extra details in case someone on SO has encountered this, since we are getting little to no help from those managing the soap server. Here's the challenge:
A request requires a SOAP+WSDL with an MTOM attachment. The example they give is as follows:
<ser:COREEnvelopeBatchSubmission>
<PayloadType>X12_270_Request_005010X279A1</PayloadType>
<ProcessingMode>Batch</ProcessingMode>
<PayloadID>e34d8fae-5dec-08d0-a555-00a0c55e5da1</PayloadID>
<PayloadLength>518</PayloadLength>
<TimeStamp>2015-02-01T18:42:30Z</TimeStamp>
<SenderID>110000000Z</SenderID>
<ReceiverID>MMXX</ReceiverID>
<CORERuleVersion>2.2.0</CORERuleVersion>
<CheckSum>D165797749C4909B582D2167B2195C4A25CDD584</CheckSum>
<Payload>cid:251081255115</Payload>
</ser:COREEnvelopeBatchSubmission>
The Payload (cid:251081255115) must be send as an W3C Message Transmission Optimization Mechanism (MTOM) encapsulated MIME part.
It appears most folks can do this in java. We need to do this (POST a SOAP request with MTOM attachment of an .edi file) using cURL and PHP. Has anyone ever done this successfully? Can you provide an example?
This question already has answers here:
RAW POST using cURL in PHP
(2 answers)
Closed 3 years ago.
There is a website that when you fill some form, it send a xhr request with some content of the form in the payload header. The content is similar to this one (not exactly this, this one was extracted from another website, but the same format of content separated with pipes):
7|0|5|https://www.bosscapital.com/app/Basic/|B8CC86B6E3BFEAF758DE5845F8EBEA08|com.optionfair.client.common.services.TradingService|getAssetDailyTicks|J|1|2|3|4|2|5|5|CB|U9mc4GQ|
I want to replicate this request with cURL but I don't know how to do it. I don't know the name of the input fields (because the have no name in the HTML code and I can't find the request on the JS).
I was looking at some Stack Oveflow treads like this, this or this, but still is not clear for me how to do it.
Hope you can help.
P.D.: I know how to use cURL, but I din't even know this Request Payload thing before this job was assigned to me.
I strongly recommend you to use Postman to run your call (or see the curl version)
https://chrome.google.com/webstore/detail/postman/fhbjgbiflinjbdggehcddcbncdddomop
with the interceptor to catch the XHR request https://chrome.google.com/webstore/detail/postman-interceptor/aicmkgpgakddgnaphhhpliifpcfhicfo
I am working with another company to build a customer billing interface to their reporting software. Their system is built using ASP.NET/IIS and my system is built using PHP/Apache. They have an API that sends/receives JSON data over POST using a content-type of application/json; charset=UTF-8
I wrote a wrapper for sending data to them which they receive just fine, and also set up an endpoint for them to send data to which works just fine when I test it with cURL or Chrome's "Postman" extension, but I can't see any data they send me.
Basically my endpoint grabs the raw post data from php://input like this:
$pData = file_get_contents('php://input');
$pData = json_decode($pData);
As stated before this works great when I use postman, but when they send the request I see no raw data, nothing in $_POST and of course nothing in $_GET. I have even tried $HTTP_RAW_POST_DATA which gives me the same result as php://input.
I am logging all requests and can see they are making the request to my endpoint, but there is no content-length given so I can't tell if the data is even making it to me. Is there something I am missing on my end that would cause me to miss the raw data from an ASP.NET application? Or is it safe to assume the issue is on their end?
Thanks
Issue was on their end apparently. index.php was under a couple directories like https://www.domain.com/dir1/dir2/index.php - They were posting to https://www.domain.com/dir1/dir2 which apparently didn't work but posting to https://www.domain.com/dir1/dir2/ worked fine. Not sure why that was an issue for ASP.NET/IIS and not for PHP/Apache, cURL from a linux terminal, Postman, and http://hurl.it
While sending a PHP POST request to Apache server, the request is blocked by server. I am getting the forbidden error. This is very specific for some request. In the request i am sending the html data and saving the html data in the MYSQL database. I am using the unix operating system.
I am trying to save some sentence like,
process = runtime.exec("");
I am sending the above sentence i am getting the forbidden error, otherwise i am getting the success response.
I think your server set up forbids some URL parameter values. A comparable example (for Struts), that explains why can be found here: https://www.sec-consult.com/files/20120104-0_Apache_Struts2_Multiple_Critical_Vulnerabilities.txt
You could try to trick it with some encoding (I doubt this will work) or substitute the word ".exec(" with something harmless.