I know how to get cookies value from HTTP request with that way
> httpReq.getheader()
but now i want to access and get cookies values that set in browser wherever and use it in java classes without sending HTTP request?
is it possible ?
It is not possible ... unless your Java code is actually running in the web browser. The Java Tutorials include a page on Accessing Cookies in an Applet or JNLP application.
However, if your Java code is running in the web, then you have a problem because:
most browsers have already dropped support for Java plugins,
Oracle has deprecated browser-side Java as of Java 9.
If your Java code is server-side, then the HTTP request is the only way that information (such as cookies) is passed from the client (browser) to server. The server cannot send requests to the browser. The best it can do is send an HTTP reply that causes the browser to send another request. (Or open a WebSocket ...)
Related
I am trying to simulate a response from a web server login confirmation to a windows application. I have the captured packets that detail the conversation between the server and the application for successful login already as it is my application, this is for debugging and MIME simulation to test application and network security. communications create what I hope can be a custom foolproof way to prevent a MIME but I dont have a way to test it, so here I am to ask for guidance.
How would I go about simulating the response from the server to the application?
I have some idea in the direction I would possibly need to go to achieve my desired outcome:
Utilizing my network:
I have a Linux machine set up as a dynamic router, dhcp, routing, and my Linksys router just acts as an access point and ethernet switch.
1: Set up web server on Linux machine.
2: redirect traffic from application port to Linux server.
3: run server-side script to respond to application request using packets captured to establish replay successful login to server.
So, I am kinda new to using Linux tools. I have setup a Linux router, captured basic information utilizing Wireshark, and am able to program in VB, javascript, some java. I have not done much network-oriented programming other than some simple communication for authentication I have successfully established.
Any information to point me in the right direction I am grateful for!
Most logins use encryption (https / TLS) so capturing the packets won't help.
If not, the packets will form a http request, and you should be able to see the format of the request, whether the login credentials are part of the URL for GET or part of the http body for POST. It is not hard to create your own http request.
How are parameters sent in an HTTP POST request?
Each http request will be followed by an http response from the server, and the format of the headers or body will contain the login result (http requests and responses are similar in format, but the headers are not the same).
More sophisticated logins may involve a series of requests/responses.
You will need to write a simpler server to receive the requests and send the responses. Java is probably your best choice, given the languages you know, plus there will be plenty of examples online. With JS it may be possible but for the most part JS is used in browsers, so not a great choice. VB is a Windows language not supported on Linux.
I am trying to write a simple client-server application in Java using HTTP request/response. I would like the client to be a desktop program which sends (posts) a request to a server. The server is a web page which will be hosted on Apache Tomcat server. The server must be able to read the information and display it on the browser and must be able to respond to the client with a status code 200. I am using eclipse and Apache tomcat server. I have so far tried various resources, but all I could find is a client which could request response from an already existing web server. Could someone please give me an example or some insight on how to make the client request the our own server which runs on the local machine.
Good question, though in your case, I won't recommend you implement a simple HTTP request/response approach as you will end up implementing a timer, heartbeat or Comet. You might wanna try javax or jetty WebSocket API. All you need is to create three parts:
a websocket.server
a websocket.client (desktop application)
a javascript websocket client (browser agent)
Your server and both clients will become full-duplex via onMessage and send events.
Here's an example which I believe is a bit relevant one.
https://dzone.com/articles/sample-java-web-socket-client
I am reading Detecting Device Type in a web application and just got curious if it would be possible to client to fake the User-Agent when sending the request?
Question(s)
- user sends request via curl command but fakes it to look as if request is coming from Mobile on the server? is it possible?
- Can server detect it?
- Can server prevent it?
Thanks
It is possible and easy. All you have to do is set the user-agent header string. I've seen a browser that allowed you to set it (don't remember which one). On the server it is very hard to know. A lot of bots pretend to be a browser so they don't get filtered out.
I am practicing some web-apps technology. I setup Apache HTTP server which provides HTTP page with JNLP/FlashFX file with simple data-form to fill by the user. My first idea was to send/receive the data from JNLP with help of UDP (I just serialize object inside datagrams). To be more specific:
Apache provides a static HTTP and JNLP/FlashFX (HTTP is just to deploy JNLP)
JNLP communicates via UDP with server
server runs simple Java program to send/receive UDP packets to JNLP
My problem is when I access the page from 'client' browser machine a firewall asking if I want to allow/deny the access to network from 'java'. No doubts this is normal, but I think no one is expecting this from a web page.... I want to change this approach and use existing HTTP protocol.
QUESTION UPDATE
As far as I understood with HTTP protocol we have couple of methods which are used to communicate with the server (GET, PUT, POST .... ) and provided by Apache service.
I would like to use this for data exchange like this:
JNLP sends some serialized data with HTTP methods
Apache will redirect some (or full) traffic to my Java program
My Java program will answers via Apache to my JNLP
How can I do that?
How can i read cookies of the client system for Java web application.
My application on server and i want to fetch some information of client system.
Use the following in your servlet/jsp to get cookies
javax.http.servlet.Cookie[] cookies = request.getCookies();
i want to make cookies with some information which user enters and next time i use that information
An example of what you want to do is here
You get cookies from the client system by using a javascript (on the client) to read the cookie and formulate a web request to send to your server.
Use something like the javascript XMLHTTPRequest function (on the client) to send the request to your server (including the cookie value).