I'm finishing an app that sends data as a multipart HTTP POST to a server.
Problem is that said server is not available yet, and I want a sort of 'dummy' server to set up that can receive an HTTP POST request like that and just store/spit out the end result so I can see what I'm sending.
I have a host and know my way around a web server, but I never had to deal with a situation like this.
Thoughts?
Consider using a web proxy to verify that what you sent is correct. I use Charles. Charles can also be setup to return fake responses.
you can use wamp to set up a server on your host and any php frameworks to get http requests such as codeigniter
Related
I have been building an HTTP Server (in the C programming language), and I'm wondering what would handle a POST request sent by a client. That is, if a client sends me a POST request to a PHP page, then how would I pass the data sent by the client to the PHP page?
Feel free to ask for clarification.
Something needs to parse, compile and execute the PHP page. You're not about to write your own, so your server will need to act as a proxy for the request.
Solution 1: Setup a FastCGI PHP daemon. Your web server can then forward the request to PHP using the FastCGI protocol.
Solution 2: Setup a web server capable of handling PHP requests. Your web server can then (indirectly) forward the request to PHP using HTTP or HTTPS. This is less work for you, but it begs the question why you're not just using that web server throughout.
I have a file in PHP receiving a POST from an Android application and it works correctly but it also works correctly if loaded from a browser. What would be the most correct and efficient way to prohibit this from happening?
Try testing for the user agent in the request $_SERVER["HTTP_USER_AGENT"]. With PHP you can use the get_browser() for more information given the user agent.
Note that any client could send fake a user agent, so this information is good hint, but as any user input, it must not be trusted completely.
If you own the Android application I would suggest sending a security token generated on the android app via HTTPS to your PHP app where it would be validated.
Add header while making the HTTP request.
e.g. Application Type
httppost.setHeader("Application-Type", "ANDROID");
This will differentiate between your calls and server may get to know if call is made from mobile with having this header while Browser doesn't.
Take a look at a page with phpinfo() on that from the android
You can check the Browser and OS, based on that you can chose what to do
I'm in the process of trying to better understand http, more specifically I want to get comfortable working with web based APIs. Some of the documentation I've read for specific API's mention that the API will expect to get an http request in exactly this format, with specific headers and content.
I'm trying to use php cURL, but googling around I haven't found a way (that I understand) simply print my http request to the screen or a text file rather than sending it. I want to make sure that the request I'm constructing looks how I intend it to, rather than just getting back a success or failure message from whatever server the request is sent to. Is there an easy way to do this?
You should try using Fiddler. Fiddler show RESPONSE and REQUEST HEADER. Other than that you can install some extension to your browser that shows HEADER, Firefox does have such extension I think it is called LiveHTTP... sorry didn't remember name.
For web debugging Fiddler is what you need http://fiddler2.com/
is there a way to send a AJAX post to a PHP page that is in a server that I don't have access? The server always send Access Control Allow Origin error, because I'm sending a post from my server (that I have access) to another server (that I don't' have access). It seems that this server that I don't own only accepts post from it.
Any code, tip? I found easyxdm to do that but I don't' know how to use it.
Yes, send the post using your php server(not javascript). That's your only option if you don't have access to the other server and they aren't returning proper CORS headers.
I am sending http request to my server using ASIHTTPRequest library but I don't know if it obfuscates the request data. Also on the sever side, I am creating an XML file and response back to the device using php. What is the safe way to form an XML document and send back to the device?
The only safe way to connect to a webserver is by using SSL/https.
I would recommend SSL and/or XML Signatures
Anything sent over just http is sent in clear text. Anyone can see your traffic on any part of the route from you to the destination. This is why facebook/twitter and a number of sites have switched to an https preferred model.