How to manually enter POST data into browser - javascript

I'm debugging my php script and need to try to post data to by manually inputting it into the URL in my browser.
The javascript which sends the request is below. How do I enter the correct data into my browser so it's encoded in the same way as the javascript function? I tried encoding the string with http://meyerweb.com/eric/tools/dencoder/ and putting sendmail.php?q="the encoded string"... but that didn't work. Do I have to add more information?
function SendPHP(str, callback){
xmlhttp = new XMLHttpRequest();
str = "q=" + encodeURIComponent(str);
xmlhttp.open("POST","sendmail.php", true);
xmlhttp.onreadystatechange=function(){
if (xmlhttp.readyState == 4){
inProgress=false;
if(xmlhttp.status == 200){
callback(xmlhttp.responseText);
}
}
};
xmlhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
if (inProgress==false){
inProgress=true;
xmlhttp.send(str);
}
else{
writeDisplayConsole("ERROR: xmlhttp fired twice!");
}
}

Use the Chrome Rest plugin extension https://chrome.google.com/webstore/detail/advanced-rest-client/hgmloofddffdnphfgcellkdfbfbjeloo

You may want to look at Fiddler - the web debugging proxy. https://stackoverflow.com/questions/tagged/fiddler
One of Fiddler's features is Composer, which lets you edit a previously seen request, or create a new one from scratch. Check out e.g. this answer, it deals with a very similar issue: check POST request with Fiddler

Related

Editable javascript and Ajax

Well I have a non-jQuery ajax function:
function callAjax(){ //will be sent to node server
var xmlhttp;
// compatible with IE7+, Firefox, Chrome, Opera, Safari
xmlhttp = new XMLHttpRequest();
xmlhttp.onreadystatechange = function(){
if (xmlhttp.readyState == 4 && xmlhttp.status == 200){
canAjax = true;
//do something
}
}
xmlhttp.open("GET", "string", true);
xmlhttp.send();
}
and a function that calls it:
function a(){
if(mouseIdle && canAjax){
callAjax()
}
}
This is kind of an api I give to my clients with a following:
<script src = "mysrc">
the problem is, anyone can easily delete these if's if they wanted(including their clients), and I can't figure out a way to make it uneditable, or at least preventable. I just want my javascript code to be untouchable from the inside, how can it be done?
Like Quentin said, you can't control JavaScript on the client side, that's just how the web works.
You could implement a simple auth system using tokens.
Your token should be something hard to guess to discourage brute force attacks, like the SHA256 hash of the current time. The empty hash for sha256 is below:
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Then you could save this token key in your database (MongoDB, MySQL or other) and you need to obligate your client to send their token in each request they make.
After this you just need to validate the usage quota to that key and decide if you should serve or not.
It can't.
Anything you send to the client can be edited by the end user or duplicated, edited and placed on another website.
If you want to limit accesses to your Ajax endpoint, then you'll need to put the protection in on the server. For example, with IP address linked rate limiting.

if (xmlhttp.readyState==4 && xmlhttp.status==200) in AJAX not executing

I was trying ajax on my page. But it is not working as if (xmlhttp.readyState==4 && xmlhttp.status==200) is always false. I have alerted the values of xmlhttp.readyState and xmlhttp.status. There values are always 1 and 0 respectively for xmlhttp.open event and 4 & 0 respectively for xmlhttp.close event.
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script>
<script type="text/javascript">
function captcha_check()
{
var code = document.getElementById("captcha").value;
var url = "http://www.opencaptcha.com/validate.php?img='.$captcha_name.'.jpgx&ans="+code;
var xmlhttp=new XMLHttpRequest();
xmlhttp.onreadystatechange=function() {
alert(xmlhttp.readyState + " " + xmlhttp.status);
if (xmlhttp.readyState==4 && xmlhttp.status==200) {
document.getElementById("captcha_error").innerHTML=xmlhttp.responseText;
return false;
}
}
xmlhttp.open("GET","captcha_check.php?img=abc.jpg&ans="+code,true);
xmlhttp.send();
}
</script>
What the issue may be and how can I solve it and make the AJAX functioning. Thanks in advance.
The correct order of calls is:
new XMLHttpRequest
xhr.open()
xhr.onreadystatechange = ...
xhr.send()
In some browsers, calling .open clears any event handlers on it. This allows for clean re-use of the same XHR object, which is supposedly more memory-efficient (but that really doesn't matter if you code properly to let the GC do its job)
So, simply put the .open call before the onreadystatechange assignment and you should be good to go.
Even though your code is working perfectly, as mentioned in the comments, since your already included jQuery try:
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script>
<script type="text/javascript">
function captcha_check() {
var code = document.getElementById("captcha").value;
var url = "http://www.opencaptcha.com/validate.php?img='.$captcha_name.'.jpgx&ans="+code;
jQuery.get("captcha_check.php?img=abc.jpg&ans="+code", function(data) {
alert("Load was performed.");
console.log(data);
});
}
</script>
It almost sounds like you are making an AJAX request from a page loaded in the browser directly from the file system, rather than from a Web Server. Since you are issuing a GET request, browser caching might be an issue as well. Try appending a timestamp to the URL each time so the URL is unique:
xmlhttp.open("GET", "captcha_check.php?img=abc.jpg&ans=" + code
+ "&__cachebuster__=" + new Date().getTime());
Secondly, you need to escape the code variable to make it safe for a query string:
xmlhttp.open("GET", "captcha_check.php?img=abc.jpg&ans=" + escape(code)
+ "&__cachebuster__=" + new Date().getTime());
Lastly, please check for any occurences of $_POST in your captcha_check.php file, as this would indicate you should be issuing a POST request, not a GET request.
If:
You are loading a page in the browser directly from the file system, AJAX requests will fail
You enter non query string safe characters for the code, then you end up with an invalid URL, and AJAX requests will fail
The captcha_check.php file requires a POST request and you issue a GET request, the AJAX request will fail.
xmlhttp.open("GET","captcha_check.php?img=abc.jpg&ans="+code,true);
Please check file path, maybe its wrong path.

Why does my AJAX loading fail the first time through when hosting my MVC3 project in IIS7?

I was writing an mvc application with a few tabs. I noted that when hosted on IIS 7, the home page has a link triggering a JavaScript function to load content via AJAX.
It doesn't work on the first page load, however when I visit some other tab and come back to the home page and click on the link it works perfectly. Can someone tell me the reason for this or how to avoid it?
The Loading Code
function GetLabels(project) {
var xmlHttp;
if (window.XMLHttpRequest) {
xmlHttp = new XMLHttpRequest();
}
else {
xmlHttp = new ActiveXObject("Microsoft.XMLHTTP");
}
xmlHttp.onreadystatechange = function () {
if (xmlHttp.readyState == 4 && xmlHttp.status == 200) {
document.getElementById("light").innerHTML = xmlHttp.responseText;
}
}
xmlHttp.open("GET", "/Home/GetLabels?project="+project, true);
xmlHttp.send();
document.getElementById('light').style.display = 'block';
document.getElementById('fade').style.display = 'block';
document.getElementById("light").innerHTML =
"<img src='Content/load.gif' alt='Please wait' />";
}
The Link that Triggers it
Click here
You should not hardcode urls like this:
xmlHttp.open("GET", "/Home/GetLabels?project="+project, true);
You should always use url helpers to generate them:
xmlHttp.open("GET", "#Url.Action("GetLabels", "Home")?project=" + encodeURIComponent(project), true);
Now your AJAX request will work no matter whether you are hosting in Visual Studio's built-in server or IIS. The reason why your code doesn't work in IIS is because in IIS your application is hosted ni a virtual directory that you must include in your url. So the correct url is not /home/getlabels but /appname/home/getlabels which is something that the url helper takes into account.
Also since you are using a GET request the web browser might cache the result and never send a request again to the server. To avoid this you should append a random query string parameter to the url or use the POST verb.

Javascript XMLHttpRequest Invalid Argument

I'm currently working on a project trying to update a page reading from an XML file on our intranet server. After doing some working I came up with the following code:
// IE7+
if (window.XMLHttpRequest) { xmlhttp = new XMLHttpRequest(); }
// IE6, IE5
else { xmlhttp = new ActiveXObject("Microsoft.XMLHTTP"); }
xmlhttp.open("GET", "VerifiedUrl+XML.xml", false);
xmlhttp.send();
xmlDoc = xmlhttp.responseXML;
if (xmlDoc.getElementsByTagName("CheckBox")[0].childNodes[0].nodeValue == "True"){
document.getElementById("PartToUpdate").innerHTML = xmlDoc.getElementsByTagName("TextBox")[0].childNodes[0].nodeValue;
}
Now I've tested this code on my localhost and it does in fact read from the correct file, displaying the updated information, but when I deploy it to the intranet, I get an "Invalid Argument" error. (The XML file itself has been deployed and is referencing correctly).
Edit: I've recently found the problem, in that the path I was referencing apparently couldn't find the file itself. So that brings up another question that someone might be able to shed light on:
//When referencing a file within the same folder, it works correctly.
xmlhttp.open("GET", "Sample.xml", false);
//However, if I include the full path, it doesn't read correctly. (Double slashes to escape correctly)
xmlhttp.open("GET", "\\\\Full\\Server\\Path\\Here\\Sample.xml", false);
Perhaps someone could shed some light on this?
should your path be something like this:
xmlhttp.open("GET","./Path/Here/books.xml", false); //for relative urls
xmlhttp.open("GET","http://localhost/Path/Here/books.xml", false); //for absolute urls
and if its a non-http synchronous request
var request = new XMLHttpRequest();
request.open('GET', 'file:///home/user/file.json', false);
its not similar to your system path.
The path here is wrong:
xmlhttp.open("GET", "\\\\Full\\Server\\Path\\Here\\Sample.xml", false);
You are using the wrong type of slashes for the internet, they would be correct on a file system. It needs to use a forward slash.
xmlhttp.open("GET", "//Full/Server/Path/Here/Sample.xml", false);
Have you checked the same-origin policy?

By using JS, it is possible to get a page source, and then respond users with this getting page

I want to implement the following things by using JavaScript:
using AJAX to get a page source;
put in some data into this page source;
show the changed page to users.
So it is possible? If so, how?
By the way, I cannot use server side technologies. And if JS is not suitable for it, what client technologies can be used in this case?
Assuming that the page you are wanting to get source from is on the same domain, you can get the page source like this:
if("XMLHttpRequest" in window){
xmlhttp=new XMLHttpRequest();
}
if("ActiveXObject" in window){
xmlhttp = new ActiveXObject("Msxml2.XMLHTTP");
}
xmlhttp.open('GET', "URLofFileYouWantToGetTheSourceFrom", true);
xmlhttp.onreadystatechange = function() {
if (xmlhttp.readyState==4) {
alert(xmlhttp.responseText);
}
};
xmlhttp.send(null);

Categories