Jump to content

How to send X-CSRF:x with Create HTTP REST Client?

Relativity1

By Relativity1
in HTTP REST Client

 Share

Recommended Posts

Relativity1 Rookie

Relativity1

Posted
Posted (edited)

Hello LV Gurus,

I am creating a simple GUI to control a web (specifically RESTful web server) based DLI Web Power Switch Pro

I have three problems:

  1. What is the "Base URL" Is it just the IP + port (e.g. http://192.168.0.100:80) or the whole URI including the path to the web server (e.g. http://192.168.0.100/restapi/relay/outlets/0/state/)
  2. Where and how do I insert the cross-site forgery ignore in the header (e.g. X-CSRF:x) with your REST API? The Default Header list does not include X-CSRF.
  3. Do you support Basic and/or Digest authentication? I get "Unauthorized" error messages using your PUT (or GET) methods returned in the Status String.

REST_Init.JPG.591fdbb9010a45c342461a74b36f419e.JPG

I then proceeded to create a version of this GUI using cURL (via the System Exec node) to enable switch outlet 1 using "digest" authentication and it works: 

curl --digest -u admin:1234 -X PUT -H "X-CSRF: x" --data "value=true" "http://192.168.0.100/restapi/relay/outlets/0/state/"

FYI: This is DLI guideline for using RESTful HTTP on their power switches

WPS_GUI_REST.JPG.cc3407f9cf9d6ac06159d9962a6d7f43.JPG

Thanks in advance guys. You do wonders for us LabVIEW cogs! ;)

Relativity1

Edited by Relativity1
images in the wrong places
  • Like 1
Link to comment
Share on other sites
Jim Kring Veteran

Jim Kring

Posted
Posted

Hi There! Glad you like the JKI HTTP REST client.

Quote

1) What is the "Base URL" Is it just the IP + port (e.g. http://192.168.0.100:80) or the whole URI including the path to the web server (e.g. http://192.168.0.100/restapi/relay/outlets/0/state/)

For the base URI, I would use: 

http://192.168.0.100/restapi

and then for the path when you call GET or POST, use: 

/relay/outlets/0/state/

 

Quote

2) Where and how do I insert the cross-site forgery ignore in the header (e.g. X-CSRF:x) with your REST API? The Default Header list does not include X-CSRF.

Here's how you could add the X-CSRF header. Note that you can type (or copy-paste) new items into the drop-down selector for the header -- it works like a string control, but with some pre-defined options to make life easier for common headers. 

X-CSRF.png

Quote

Do you support Basic and/or Digest authentication? I get "Unauthorized" error messages using your PUT (or GET) methods returned in the Status String.

The JKI HTTP REST Client passes the username and password into the HTTP VI used by built-in HTTP Open Handle.vi, which I believe doesn't support digest authentication.

Create with Username and Password.png

Under the hood...

image.png

Digest authentication is something that could be added -- here's the specification and here's a demo server, if you're interested in trying.

  • Like 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.

  I accept