Reputation: 4755
Logging Into Site Using Javascript HTTP Request?
I'm attempting to log into my nike account using http requests and parse. Here's my request:
Parse.Cloud.httpRequest({
method: 'POST',
headers: {
'Content-Type' : 'application/x-www-form-urlencoded; charset=UTF-8'
},
url: 'https://www.nike.com/profile/login',
params: {
'Content-Locale' : 'en_US',
},
body: {
'login' : <userId>,
'rememberMe' : 'true',
'password' : '<password>'
}
}).then(function(httpResponse) {
//Log
console.log(httpResponse.text);
}, function(httpResponse) {
//Log
console.error('Request failed with response code ' + httpResponse.status);
});
I'm using rest to call my function, and it's working correctly. The only problem is that it keeps returning a 403 error. Is there something I'm doing wrong with my request?
Here is all the info of the actual request I found in Safari when logging in through the browser (NOTE: I'm new to http requests).
Update:
The image above is of a valid login using the web browser.
Also, here's an image of the request and response section for more details:
Upvotes: 3
Views: 617
Answers (3)
Reputation: 1
the reason its not working is because the nike api, is hard coded so that it needs an authorization key to continue. kinda like this idk, "http://nike.blahblah/loginthruapi.html?credentials=({username=whateva&password=wadafak&apikey=c29tZSByYW5kb20gYXBpIGtleSB0aGluZw==})
Upvotes: 0
Reputation: 78
As rkd sais, 403 is Forbidden. Server is rejecting yout request. I think is not a cross-origin restriction because in the second image apperars Access-control-allowed:true. Check if there is a previous cookie setted. look at the first image, in headers if there is a "set-cookie" and it values. But at all, more information about headers is needed for a better response.
Upvotes: 1
Reputation: 714
I don't believe there's anything wrong with your request structure, if you are consistently seeing 403 - Forbidden response. That implies that your request is being rejected due to cross-origin restrictions, improper or unexpected request headers and/or spoofing your referrer and origin, etc.
But without knowing the details of Nike's login services, we can only speculate.
I would expect to see other HTTP responses like 400 Bad Request, 406 Not Acceptable, 500 Timeout, etc if there was something fundamentally wrong with your request.
To properly answer, we'd need to know more details about the environment your requests are made from. Is this a local server? Are you a Nike developer with access to internal nike.com environments? Where is this HTTP request being initiated from?
The best I can suggest with the information provided is some tools to help troubleshoot further:
- Charles Proxy: to monitor all outgoing requests + responses
- Postman: for convenient testing of request structures in a more pure, browser/tech agnostic way
I can't post more than 2 links yet, but search for cross origin access and http status codes for more details on general HTTP requests.
Upvotes: 4
Related Questions
- How do I chop/slice/trim off last character in string using Javascript?
- How do I refresh a page using JavaScript?
- Send HTTP POST request in .NET
- JavaScript post request like a form submit
- pretty-print JSON using JavaScript
- Get selected value in dropdown list using JavaScript
- Scroll to the top of the page using JavaScript?
- HTTP GET request in JavaScript?
- How to reload a page using JavaScript
- How is an HTTP POST request made in node.js?