The code (taken from SO):
// create the logger and log writer
$writer = new Zend_Log_Writer_Firebug();
$logger = new Zend_Log($writer);
// get the wildfire channel
$channel = Zend_Wildfire_Channel_HttpHeaders::getInstance();
// create and set the HTTP response
$response = new Zend_Controller_Response_Http();
$channel->setResponse($response);
// create and set the HTTP request
$channel->setRequest(new Zend_Controller_Request_Http());
// record log messages
$logger->info('info message');
$logger->warn('warning message');
$logger->err('error message');
// insert the wildfire headers into the HTTP response
$channel->flush();
// send the HTTP response headers
$response->sendHeaders();
$this->_redirect('/login/success');
Apparently, all the messages won't appear if I use _redirect(), however, if I use something like
$this->getResponse()->setHeader('Refresh', '0; URL=/login/success');
it will work. So my question is:
What should I do to make sure the messages will appear in my Firebug Console (using _redirect())?
Update 1:
In the Net tab, I can see the messages are in the HEADER, but it's not appearing in my Firebug
Date Wed, 08 Dec 2010 03:42:15 GMT
Server Apache/2.2.16 (Unix) DAV/2 PHP/5.3.3
X-Powered-By PHP/5.3.3
Expires Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma no-cache
X-Wf-Protocol-1 http://meta.wildfirehq.org/Protocol/JsonStream/0.2
X-Wf-1-Structure-1 http://meta.firephp.org/Wildfire/Structure/FirePHP/FirebugConsole/0.1
X-Wf-1-Plugin-1 http://meta.firephp.org/Wildfire/Plugin/ZendFramework/FirePHP/1.6.2
X-Wf-1-1-1-1 156|[{"Type":"INFO","File":"\/home\/foo\/workspace\/php\/identiti\/application\/modules\/default\/controllers\/LoginController.php","Line":64},"info message"]|
X-Wf-1-1-1-2 159|[{"Type":"WARN","File":"\/home\/foo\/workspace\/php\/identiti\/application\/modules\/default\/controllers\/LoginController.php","Line":65},"warning message"]|
X-Wf-1-1-1-3 158|[{"Type":"ERROR","File":"\/home\/foo\/workspace\/php\/identiti\/application\/modules\/default\/controllers\/LoginController.php","Line":66},"error message"]|
Location /login/success
Content-Length 0
Keep-Alive timeout=5, max=100
Connection Keep-Alive
Content-Type text/html
Update 2:
Apparently it's a bug, confirmed in FirePHP Official Forum. I'll wait untill there's a real fix before I answer this question.
Thanks for the detailed test case.
This is a bug in FirePHP Companion.
Working on a fix. Will let you know
when done (ETA Friday).
Thanks! Christoph
Does enabling the "Persist" option in the Firebug Console tab help?
This is the official answer from the author himself:
I have good and bad news. Logging during redirects works now for FirePHP 1.0 + FirePHP Companion. It will not work for the native Zend Framework implementation until early next year.
To get a working solution, please upgrade to FirePHP 1.0: http://upgrade.firephp.org/
Also see: http://www.christophdorn.com/Blog/2010/11/29/firephp-1-0-in-5-steps/
Instructions for logging during redirects:
http://reference.developercompanion.com/#/Tools/FirePHPCompanion/FAQ/#Redirect Messages
I would suggest using the FirePHP 1.0 library in addition to or instead of the ZF components. This will be much improved early next year.
Please let me know if you get this working.
Related
following this article http://www.ktskumar.com/2017/01/access-sharepoint-online-using-postman/
I was able to register an app and get a client_id as well as a security token.
Now if I follow the article, I'm able to get an access token by using Postman, SOAP UI as well as by using a REST client in browser. I'm also able to fetch data from SharePoint using this token.
However, I need to do this from a unix based middleware, which is able to do HTTP calls as well. I tried everything but I can't get it work.
Preparation that has been done before:
register new app by using https://.sharepoint.com/sites//_layouts/15/appregnew.aspx
add app and permission to site collection to grant access by using https://.sharepoint.com/sites//_layouts/15/appinv.aspx
After this, I do some webservice calls like this
I try to get an access token by calling https://accounts.accesscontrol.windows.net/<mytenant_id>/tokens/OAuth/2 and got one. I can use this token in every REST client as well as in Postman. So I assume it is a valid one.
Now I try to retrieve the Title of web by calling this URL https://<my_tenant>.sharepoint.com/sites/<site_collection>/_api/web?$select=Title
This always returns a 403 but only when using middleware system. If I do the same from any other client, it works.
Could someone please enlight me what is going wrong here?
This is how the request header looks like (I've shorten some things)
cookie'='fpc=...some other stuff; domain=.accounts.accesscontrol.windows.net; path=/; secure; HttpOnly; SameSite=None
x-ms-gateway-slice=prod; path=/; SameSite=None; secure; HttpOnly
stsservicecookie=ests; path=/; SameSite=None; secure; HttpOnly'
'User-Agent'='Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.0'
'accept'='application/json;odata=verbose'
'Authorization'='Bearer eyJ0eXAiOiJKV1QiLCJhbG... lot following here, but only value of access_token'
This is what the response looks like:
'RESPONSE_HTTP_HEADER_X-ASPNET-VERSION'='4.0.30319'
'RESPONSE_HTTP_HEADER_LAST-MODIFIED'='Tue, 23 Jun 2020 08:10:42 GMT'
'RESPONSE_HTTP_HEADER_X-SHAREPOINTHEALTHSCORE'='1'
'RESPONSE_HTTP_HEADER_X-FORMS_BASED_AUTH_RETURN_URL'='https://<mytenant>.sharepoint.com/_layouts/15/error.aspx'
'RESPONSE_HTTP_HEADER_CACHE-CONTROL'='private, max-age=0'
'RESPONSE_HTTP_DATA'='<?xml version="1.0" encoding="utf-8"?><m:error xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata"><m:code>-2147024891, System.UnauthorizedAccessException</m:code><m:message xml:lang="en-US">Access denied. You do not have permission to perform this action or access this resource.</m:message></m:error>'
'RESPONSE_HTTP_HEADER_X-POWERED-BY'='ASP.NET'
'RESPONSE_HTTP_HEADER_DATE'='Tue, 23 Jun 2020 08:10:42 GMT'
'RESPONSE_HTTP_STATUSLINE'='Forbidden'
'RESPONSE_HTTP_HEADER_EXPIRES'='Mon, 08 Jun 2020 08:10:42 GMT'
'RESPONSE_HTTP_HEADER_CONTENT-SECURITY-POLICY'='frame-ancestors 'self' teams.microsoft.com *.teams.microsoft.com *.skype.com *.teams.microsoft.us local.teams.office.com;'
'RESPONSE_HTTP_HEADER_MICROSOFTSHAREPOINTTEAMSERVICES'='16.0.0.20203'
'RESPONSE_HTTP_HEADER_X-MSDAVEXT_ERROR'='917656; Access+denied.+Before+opening+files+in+this+location%2c+you+must+first+browse+to+the+web+site+and+select+the+option+to+login+automatically.'
'RESPONSE_HTTP_HEADER_SPREQUESTGUID'='78265f9f-40b3-b000-f2bb-2df685280534'
'RESPONSE_HTTP_HEADER_STRICT-TRANSPORT-SECURITY'='max-age=31536000'
'RESPONSE_HTTP_HEADER_TRANSFER-ENCODING'='chunked'
'RESPONSE_HTTP_HEADER_MS-CV'='n18meLNAALDyuy32hSgFNA.0'
'RESPONSE_HTTP_HEADER_CONTENT-TYPE'='application/xml;charset=utf-8'
'RESPONSE_HTTP_HEADER_P3P'='CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"'
'RESPONSE_HTTP_HEADER_X-FRAME-OPTIONS'='SAMEORIGIN'
'RESPONSE_HTTP_HEADER_X-IDCRL_AUTH_PARAMS_V1'='IDCRL Type="BPOSIDCRL", EndPoint="/sites/<sitecollection>/_vti_bin/idcrl.svc/", RootDomain="sharepoint.com", Policy="MBI"'
'RESPONSE_HTTP_HEADER_SERVER'='Microsoft-IIS/10.0'
'RESPONSE_HTTP_HEADER_REQUEST-ID'='78265f9f-40b3-b000-f2bb-2df685280534'
'RESPONSE_HTTP_HEADER_X-MS-INVOKEAPP'='1; RequireReadOnly'
'RESPONSE_HTTP_HEADER_X-CONTENT-TYPE-OPTIONS'='nosniff'
'RESPONSE_HTTP_HEADER_X-FORMS_BASED_AUTH_REQUIRED'='https://<mytenant>.sharepoint.com/_forms/default.aspx?ReturnUrl=/_layouts/15/error.aspx&Source=%2f_vti_bin%2fclient.svc%2fweb%3f%24select%3dTitle'
'RESPONSE_HTTP_STATUS'='403'
'RESPONSE_HTTP_HEADER_DATASERVICEVERSION'='3.0'
I also tried it with different HTTP Headers, by using cookies and by skip them. Nothing works from middleware but everything from my PC.
Patrick
You could try this way to get authentication:
https://www.c-sharpcorner.com/article/access-sharepoint-online-rest-api-via-postman-with-user-context/
I use some kind of middleware called "Lobster data". This is a software product to map data between different kind of systems. It's comparable to Microsoft BizTalk or others.
However this software uses some special prefix for HTTP header which I was not aware of. Thanks to their support team, I was able to overcome this issue.
Commonly, if you set a HTTP header, you simple use the name of the header you want to add like "content-type" or "authorization" and pass a value.
When using Lobster, you need to add "REQUEST_HTTP_HEADER_" as a prefix, so it needs to be "REQUEST_HTTP_HEADER_authorization" instead of just "authorization". Otherwise it will not send the data as a HTTP Header.
This is only true when using Lobster and not in general. I wasn't aware that they use this syntax.
I heard that wolkenkit also offers a REST API but didn't find any documentation for that. I sifted through the sources and found some indications on how to do this.
I am using HTTPie for doing requests from the cli:
$ http post https://local.wolkenkit.io:3500/v1/read/lists/labels
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate
Connection: keep-alive
Date: Wed, 30 Aug 2017 21:08:07 GMT
Expires: 0
Pragma: no-cache
Surrogate-Control: no-store
X-FRAME-OPTIONS: DENY
X-Powered-By: Express
X-XSS-Protection: 1; mode=block
content-type: application/json
transfer-encoding: chunked
{"name":"heartbeat"}
{"label":"first","id":"baa1b2b6-ab85-4929-a488-0cae622de20a","isAuthorized":{"owner":"anonymous","forAuthenticated":false,"forPublic":true}}
{"label":"second","id":"7fc6c3c9-3285-4292-b3db-6d88ca90a347","isAuthorized":{"owner":"anonymous","forAuthenticated":false,"forPublic":true}}
I have two entries in my label readModel, but there appears to be a third one {"name":"heartbeat"}. Where does that come from and what does it mean?
Is this a bug or may i have created that entry accidentally?
Disclaimer: I am one of the developers of wolkenkit.
This is actually neither a bug, nor did you create the entry accidentally ;-)
Under the hood we stream JSON over HTTP, and we had the experience that some proxy servers (and similar things) caused issues when there were long pauses between two data packets.
In the past we changed the way how the read model is being delivered a few times, and I don't think that this is really still required, so this is a holdover from the past. (If we were talking about the events route, the story would be different, here it is definitely still needed.)
In the library that we use under the hood, json-lines-client, we filter out the heartbeat events:
const isNotHeartbeat = function (data) {
const keys = Object.keys(data);
return !(
(keys.length === 1) &&
(keys[0] === 'name') &&
(data.name === 'heartbeat')
);
};
(Taken from the source code of json-lines-client 0.7.9)
For the moment, I'd suggest to introduce a similar logic to your code, so that you simply ignore these events (there may be more than one over time, and they do not need to be the first one).
I'm trying to set up a small Silex RESTFul server, and now I'm playing around with HTTP Headers.
One GET function checks If-Modified-Since header, and compares with database's Last-Modified item.
Here's a small code sample:
if($hasModifications){
$response = [items]
$statusCode = 200;
} else {
$response = ['result'=>'no modifications'];
$statusCode = 304;
}
return $app->json($response,$statusCode,$headers);
Whenever $statuscode!=200, I only get a blank page and also no custom header gets sent. This also breaks CORS because I can't set Access-Control-Allow-Origin header.
Should I be doing it some other way?
(PS: this is not the actual code, and also if I replace $statusCode for 200, then everything works back as normal)
Update:
So far, I guess from what I've been reading, that 304 statuses shouldn't send anything on response's body. But what about headers? If I don't comply with CORS, then the AngularJS Frontend will fail and I wouldn't be able to catch the "Not Modified" exception!.
Obviously, I can figure it out some other way. But it would be nice if I could have both things working properly (REST+CORS)!
Update 2:
var_dump($headers)
array(4) {
["Last-Modified"]=> string(29) "Fri, 21 Aug 2015 22:47:53 GMT"
["X-Status-Code"]=> int(304)
["Cache-Control"]=> string(25) "post-check=0, pre-check=0"
["Pragma"]=> string(8) "no-cache"
}
Notice that I'm using X-Status-Code to inform the true HTTP Status.
Right now, the response line of code goes as follows:
return $app->json($response,200,$headers);
If I changed 200 to 304, I can't see the output of var_dump (gives me an empty page). Also if I set 304 status with no header parameter, it is still the same.
Seems like return or $app->json clears the HeaderBag, since I'm using JDesrosiers\Silex\Provider\CorsServiceProvider(), and those headers parameters also get cleared.
This is the Raw HTTP Response taken from Firefox with Status Code 304:
Cache-Control: post-check=0, pre-check=0, private
Connection: Keep-Alive
Date: Sat, 22 Aug 2015 19:52:18 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.7 (Ubuntu)
And this, with Status Code 200:
Cache-Control: post-check=0, pre-check=0, private
Connection: Keep-Alive
Content-Length: 25
Content-Type: application/json
Date: Sat, 22 Aug 2015 19:53:12 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Fri, 21 Aug 2015 22:47:53 GMT
Pragma: no-cache
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.11
X-Status-Code: 304
Apache strips out CORS headers on 304 status codes.
You can read more in issue #51223 and you can also find a patch which will fix this problem.
If you don't want or you can't recompile Apache, you could try running Nginx, which will leave the CORS headers in place.
I have been reading a lot about Delphi, POST command og SSL.
My problem is this:
I have to contact this site:
https://payment.architrade.com/cgi-bin/confirmtransact.cgi
Explanation can be found here:
http://tech.dibspayment.com/D2/FlexWin/API/Status_functions/confirmtransactcgi
Doing this in Chrome or firefox returns 0. Just as the explanation says.
Some 3 years ago I made an implementation to call this.
I made it in Delphi 2010.
This has been running without flaws for 2½ years.
The last 6 months I get Socket Error #0 almost instantly after calling.
I happens more and more aften, and today it is constant.
At this point our customer can't use the routine because of this.
In my program, I use this:
HttpPosten: TIdHTTP;
IdSSLIOHandlerSocketOpenSSL1: TIdSSLIOHandlerSocketOpenSSL;
The code is like this:
procedure TForm6.Button1Click(Sender: TObject);
var
FejlKode: String;
begin
Try
Memo1.Lines.Clear;
Memo1.Lines.Add('Starter på test...');
Memo2.Lines.Clear;
FejlKode := HttpPosten.Post('https://payment.architrade.com/cgi-bin/confirmtransact.cgi',Memo2.Lines);
HttpPosten.Disconnect;
Memo1.Lines.Add(' ');
Memo1.Lines.Add('Resultat:');
Memo1.Lines.Add(FejlKode);
Except
on E: exception do
Begin
FejlKode := e.Message;
Memo1.Lines.Add(' ');
Memo1.Lines.Add('FEJL (2):');
Memo1.Lines.Add(FejlKode);
End;
End;
end;
And at the moment I end up in the except part constantly.
I need suggestions to where to look after this?
Is this within Delphi, Indy, SSL, Server, Internet, Firewall or where should I look?
Someone says I should upgrade Indy to newest version.
But it has been running with these components for 2½ years without problems.
If I uograde, I would like to know, which version I have now. Where do I find that information?
So - I really need some advice.
Regards Michael
The last 6 months I get Socket Error #0 almost instantly after calling. I happens more and more aften, and today it is constant.
I am not able to reproduce the error using the latest version of Indy (10.6.2.5274 at the time of this writing) and the exact code you have showed. The Post() call succeeds with an HTTP 200 OK response and a body payload of 0, just like you are getting in Chrome/Firefox.
HTTP/1.1 200 OK
Server: -
Date: Tue, 19 May 2015 17:05:35 GMT
Connection: close
X-Server-Name: payment27
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Pragma: no-cache
P3P: CP="NON DSP CURa CUSa OUR NOR STA"
Content-Type: text/plain
Connection: close
Strict-Transport-Security: max-age=31536000
0
Someone says I should upgrade Indy to newest version. But it has been running with these components for 2½ years without problems.
You should always use the latest, when feasible. For instance, socket error #0 was addressed a long time ago.
If I uograde, I would like to know, which version I have now. Where do I find that information?
You can right-click on any Indy component in the Form Designer at design-time. Or read the Version property of any Indy component at run-time.
I also got this error for DELPHI 2010 and INDY 10.5.5 when trying to post to a https website.
I solved it by setting hoKeepOrigProtocol property to true for idHTTP1 component. Then the "socket error #0" never came back.
I know it is an old topic, but it is visible in google. Some people stil reading it.
I have a Perl-based website that attempts to set a number of cookies on the users first visit and I just noticed that Safari has stopped setting all but the first cookie that is passed. On first visit two cookies should be set which are 'location' and 'referrer'. In IE and Firefox the cookies are being set correctly but Safari is only setting the 'location' cookie. I tried changing the names, values, etc. and the conclusion I've come to is that Safari is just setting the first of the two cookies:
Here is the code that is setting the cookies:
# Add location cookie if necessary
if(!$query->cookie('location') && $user_location) {
my $cookie = $query->cookie(-name=>'location',-value=>qq|$user_lcoation|,-domain=>".domain.com",-path=>'/',-expires=>'+1Y');
push(#cookies,$cookie);
}
# Add referrer if first visit
if(!$query->cookie('referrer')) {
if($ENV{'HTTP_REFERER'}) {
my $cookie = $query->cookie(-name=>'referrer',-value=>$ENV{'HTTP_REFERER'},-domain=>".domain.com",-path=>'/',-expires=>'+3M');
push(#cookies,$cookie);
}
else {
my $cookie = $query->cookie(-name=>'referrer',-value=>'unknown',-domain=>".domain.com",-path=>'/',-expires=>'+3M');
push(#cookies,$cookie);
}
}
if(scalar(#cookies)) {
print $query->header(-cookie=>\#cookies);
}
Here is what I get when I try to access the website from curl:
curl -so /dev/null -D - http://domain.com
HTTP/1.1 200 OK
Date: Thu, 18 Feb 2010 20:19:17 GMT
Server: Apache/2.0.63 (Unix) mod_ssl/2.0.63 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 PHP/5.2.8 mod_perl/2.0.4 Perl/v5.8.8
Set-Cookie: location=Dallas; domain=.domain.com; path=/; expires=+1Y
Set-Cookie: referrer=unknown; domain=.domain.com; path=/; expires=Wed, 19-May-2010 20:19:20 GMT
Transfer-Encoding: chunked
Content-Type: text/html; charset=ISO-8859-1
Any ideas? I'm at a loss as to what I can do to help resolve this issue since it seems that my script is passing them correctly. Thanks in advance for any insights or ideas you might have!
Look at the expires date on the first cookie header -- it's a literal +1Y instead of the actual standard datestamp that it should be. My guess is that your version of Safari is choking on this and simply refuses to parse the remaining cookie headers.
To set a one-year expiration date, the correct syntax is -expires => '+1y' (lowercase Y).
Try upgrading CGI.pm (do cpan CGI). I had similar problem with cookies that was solved by CGI.pm upgrade.
a bit late for an aswer, but later better than never :
a simple way, without having to reinstall/update CGI.pm, is to specify the date you
want your cookie to expire, using DateTime.pm :
my $cookie = CGI->new->cookie(
-name=>'cookie_name',
-value=>'value',
-domain=>$ENV{'HTTP_HOST'},
-expires=>((DateTime->now->set_time_zone('local'))->add(months=>1)->strftime("%a, %d %b %Y %I:%M:%S GMT")),
-path=>'/',
);
there i've got a cookie that will last for 1 month.
I tested it on safari under XP, works fine.
hope this will help