How to handle json request
-
Hello!
I tripped over a site where my firefox dev-tools show me this at the request area:
I don't know how to transfer this to OB, is there an example for an config with this json-form?I set Method as "Post" and tried
POST data like{ "u":"<USERNAME>", "p":"<PASSWORD>", "r":false}
But I still get
Response Source: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html> <head> <title>400 Bad Request</title> </head> <body> <h1>Bad Request</h1> <p>Your browser sent a request that this server could not understand.</p> </body> </html>
Can someone give me a help?
-
You have to put content-type
application/json
-
@Ruri Hi,
thank you, I tried some seting without success...
-
Can you remove the
\n
from the json data? The server can perfectly understand it even without the linefeeds.
-
Yes, I read that in another thread and gave it a change but with or without \n same result...
-
I have no clue then mate, sorry
-
ok thanks anyway, i won't give up!
-
Ah, by seeing your screenshot i see the problem.
I don't want to spill too much, but the site has an extra protection.Only hint i can give, look at the Headers you are sending when trying to login with the browser and how one them changes when trying different login details.
Maybe you notice something
-
Hi,
yeah I understand now. Thank you!
Behind "Upgrade-Insecure-Request:" is a variable depending on userdata, but how is this created and how can I fetch is to send it with OB-Header?
-
Try parsing the header on a regular GET request, and then later use it in the POST request
-
Hi,
thank you for that hint. But I still haven't made it.
There is nothing about the Upgrade-Insecure-Request in the GET request.
Also, I read that this Upgrade-Insecure-Request is made to build a httpS connection instead of http, and it can have the value 0 or 1.
?-(
-
Ignore, what @c0nf1g said
And yes, the Header is misused. 0 and 1 will never happen
As said, try different login details in the browser.
Maybe start with 123456: 123456 and then 1234567: 1234567. Maybe you notice something
-
Ah!
Yeah i have cracked the riddle !
Ha, thats nice!
-
try this, direct to header custon