I'm just starting out building Flows to connect Sharepoint to an asset management cloud software we use. I have an API endpoint and I'm used to writing Python scripts to connect to the asset management software (which I'll call AMS from here out.)
The AMS uses an ASP .NET API for authentication. I can make an authentication HTTP request in a Flow and get a cookie, but then I get stuck.
In Python I would grab the cookie off the successful authentication request, assign it a variable name, and then feed it as cookies = CookieVariable to each subsequent HTTP request.
Here's what the return object looks like in Python:
{u'Cookie': u'SuperLongStringHere',
u'Expires': 3600,
u'LogOnStatus': 0}
But when I grab the 'Cookie' string and feed it to a subsequent HTTP request it gives me a 401 and "authentication required to continue," as if I hadn't given it at all.
I've googled and I keep finding old solutions that don't work, or things posted by people who are making the APIs that they are calling with Flow, and have abilities to change it that I don't have with the AMS API.
Does anyone have a way to do this kind of thing? Is the "Cookie" field in the HTTP block completely pointless?
A few people on the Vue Land Discord were asking about cookies. I prepared this demo which is specific for JavaEE but applies to other technologies. A server-side mechanism is used that lets Vue operate without any special security code.
https://courses.bekwam.net/public_tutorials/bkcourse_wildfly_ws_form_auth.html
I'm using the Reddit redirector to always use old.reddit.com because it has much better accessibility and doesn't prompt for login when expanding threads when not logged in.
However, old.reddit.com rapidly sets tens of cookies that start with amp_cookie_test$(OPAQUESTRING) where $(OPAQUESTRING) is 22 characters long and is made up of [A-Za-z0-9] characters. The sheer number of cookies leads to my browser sending a request that reddit rejects for being too large (which is the HTTP 400 mentioned in the title). I cannot then use Reddit until I delete these cookies from my browesr.
Please fix this, ideally by abandoning the AMP framework which I understand is /terrible/ for accessibility, but if not, by fixing whatever bug here causes old.reddit.com to set tens of unique amp_cookie_test cookies within a single session. I'm using Chromium. I'm sure you'll say that you can't support interactions with extensions you don't own, but this is site-breaking for me and is very clearly a bug, probably because old.reddit.com has rotted after the migration to the new shiny.
Hey, does anyone have any experience with creating an http-only cookie with JSON web tokens? I am using djangorestframework-simplejwt with my drf api and I can't find how to make a cookie in the simple jwt documentation and google/SO hasn't yielded anything.
Any help would be much appreciated
I have just released version 2.0.0 of http-cookie. A comprehensive, standards compliant HTTP cookie library for ocaml. More details here,
Hi, I want to make simple page parsing some data from another site's page. Problem is that this page is behind oauth authorization. When I log in, I can extract session and token from http request header (i have obviously masked session and token so you can't login to my account):
cookie: _ga=GA1.2.7*****778.1603****307; _gid=GA1.2.20****4265.160*****07; _tsn_session=db**********************73; tsn_token=eyJhb********************************************************************************zovL3Bzbi1yc2MucHJvZC5kbC5wbGF5c3R*******************************0NVU0ExNzM1N18wMC1BVjAwMDAwMDAwMDAwMDEyX0I**********************5nIiwiZ3JvdXBzIjpbXX0.hm0n***********************myaE
If I try to set this header in my application using: const headers = new HttpHeaders().append(...), I get error: Refused to set unsafe header "cookie".
So my question is: Is there some way I can set this _tsn_session and tsn_token cookies in my application so I can get html document behind this authentization?
