I am trying trying to connect to a website(http) through my java code where I am setting target host as the mitm proxy, but on the proxy side I am getting this error
Invalid HTTP request form (expected: authority or absolute, got: relative)
xxx.xx.xx.xxx:xxxxx: HTTP protocol error in client request: Invalid HTTP request form (expected: authority or absolute, got: relative)
and in java response I am getting 400 Bad Request.
Below is the code I am trying to run:
HttpHost target = new HttpHost("xx.x.x.x7", xxxx);
HttpPost post = new HttpPost("http://weevil.info/");
post.addHeader("content-type", "application/x-www-form-urlencoded");
CloseableHttpClient client = HttpClientBuilder.create().build();
// send the post request
HttpResponse response = client.execute(target, post);
System.out.println(response);
Command used to run mitm:
mitmdump -p 8083 -s mitmProxy.py
Related
I am using the apache HTTP component to call requests to domains. Ex: google.com, youtube.com, abc.xyz. I only have domains when calling the request I am not sure which protocol(HTTP or HTTPS) should be used.
final HttpGet httpget = new HttpGet("httpbin.org/get");
HttpResponse response =httpclient.execute(httpget);
So how do I can send a request without protocol(http,https)
I configured an HTTPS website on AWS, which allows visiting from a white list of IPs.
My local machine runs with a VPN connection, which is in the white list.
I could visit the website from web browser or by the java.net.http package with the below code:
HttpClient client = HttpClient.newHttpClient();
HttpRequest request = HttpRequest.newBuilder()
.uri(URI.create("https://mywebsite/route"))
.GET() // GET is default
.build();
HttpResponse<Void> response = client.send(request,
HttpResponse.BodyHandlers.discarding());
But if I replaced the code with a Vertx implementation from io.vertx.ext.web.client package, I got a 403 forbidden response from the same website.
WebClientOptions options = new WebClientOptions().setTryUseCompression(true).setTrustAll(true);
HttpRequest<Buffer> request = WebClient.create(vertx, options)
.getAbs("https://mywebsite/route")
.ssl(true).putHeaders(headers);
request.send(asyncResult -> {
if (asyncResult.succeeded()) {
HttpResponse response = asyncResult.result();
}
});
Does anyone have an idea why the Vertx implementation is rejected?
Finally got the root cause. I started a local server that accepts the testing request and forwards it to the server on AWS. The testing client sent the request to localhost and thus "Host=localhost:8080/..." is in the request header. In the Vert.X implementation, a new header entry "Host=localhost:443/..." is wrongly put into the request headers. I haven't debug the Vert.X implementation so I have no idea why it behaviors as this. But then the AWS firewall rejected the request with a rule that a request could not come from localhost.
I'm trying to call a REST API for this end point URL. But I'm getting this exception
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
I have already added the JCE and installed the certificate in the Java keystore.
I'm using Java 8 and part of my code looks like this:
Client client = ClientBuilder.newClient();
WebTarget target = client.target(END_POINT);
Invocation.Builder invocationBuilde = target.request(MediaType.APPLICATION_JSON);
Response response = invocationBuilder.get();
String s = response.readEntity(String.class);
System.out.println(s)
In addition to this I activated the debug mode -Djavax.net.debug=all and this is all the negotiation:
Negotiation REST API
I am using http request (post) to an api endpoint.
I pass the correct parameters for authentication on msg.payload {"username:"xxx","password":"password"}. The server return the statusCode = 302 and I can't read the set-cookie header.
How to solve this problem?
I was using the node-red-contrib-https 1.0.0. I changed to the HTTP Request Node that comes with node-red, import the tls certificate and everything works.
I use socket.http to get info from a https url with proxy:
here is my codes:
local https = require("socket.http")
local r, c, h, s = https.request{
url = "https://www.google.fr",
proxy="http://proxy:3128/"
}
print(r, c, h, s)
I have a error:" HTTP/1.1 501 Not Implemented
Unsupported Request Method and Protocol, Squid does not support all request methods for all access protocols."
But when I test url http with proxy:
url = "http://www.google.fr",
proxy="http://proxy:3128/"
or url https without proxy:
url = "https://www.google.fr"
It is OK.
It seems just https with proxy does not work. May be the socket.http does not support https with proxy or my proxy squid does not support https from lua socket request?
But when I use curl in lua to require an url https with proxy: os.capture("curl -x http://proxy.com:3128" -XGET https://www.google.fr), it is OK .
So somebody can help me? Thank you !!!
socket.http doesn't support https. You need to be using luasec and its ssl.https module instead.