7

I am sending a post request to an api with c# webrequest and httpClient but always i get an error message from the api which says you posted invalid data in the header , but the point is when i send same data with chrome extension advanced rest client it works fine and i compared both request there is nothing different i have attached both request and my code , can anybody help to figure out what is the problem ,

this is the request from rest client app:

enter image description here

and here is the request from c#

enter image description here

and here is my c# code

 string item = "<?xml version=\"1.0\" encoding=\"UTF - 8\"?>" +
  "<request>" +
  "<Username>admin</Username>" +
  "<Password>" + password + "</Password>" +
  "<password_type>4</password_type>" +
  "</request> ";
var request = (HttpWebRequest)WebRequest.Create("http://192.168.8.1/api/user/login");
request.Method = "POST";
request.Headers["_RequestVerificationToken"]= Token;
request.Headers["Cookie"] = Sess;
byte[] bytes = Encoding.UTF8.GetBytes(item);
request.ContentType = "application/xml;charset=UTF-8";
request.ContentLength = bytes.Length;
Stream streamreq = request.GetRequestStream();
streamreq.Write(bytes, 0, bytes.Length);
streamreq.Close();
using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
using (StreamReader reader = new StreamReader(response.GetResponseStream()))
{
    var result = reader.ReadToEnd();
}
Aleks Andreev
  • 6,732
  • 8
  • 27
  • 36
Younis Qadir
  • 275
  • 1
  • 3
  • 16
  • `and i compared both request there is nothing different` Looking at the screenshots there are multiple things that are different. `SessionID` is different. `_RequestVerificationToken` is different. – mjwills Aug 21 '17 at 08:33
  • Which API are you calling (is it https://github.com/arska/e3372/issues/1)? Do they document what `125002` code means? – mjwills Aug 21 '17 at 08:36
  • @mjwills sessinid and token is changed per each request, the problem is i am sending a valid session and token id that i get from api , but in c# not returning ok, and the error code says invalid session , it is an api from huawei LTE modems – Younis Qadir Aug 21 '17 at 08:38
  • the value of password is a hashed password each time changed due to token ,and this link is what exactly i am using sessInfo to get session and token for each request – Younis Qadir Aug 21 '17 at 08:41
  • this is one example of password ZTJkZGZhZGZjZmZlMjk0OGQ4MGZmZTk3NGRjMDE4MWY4NmIyMzcwZjRjNzg0ZjMyNmFjNGE4NmRmZmE4MGI0MA== and generated from Base64Encode(Sha256(username + Base64Encode(Sha256(password)) + Token)); username=admin ,pass=admin – Younis Qadir Aug 21 '17 at 09:08
  • Instead of WebRequest etc, you should use something like RestSharp or ReFit etc. – Akash Kava Aug 28 '17 at 08:10
  • i used restsharp and got same result, also tried in java also the same, but tested in postman and arc it works . – Younis Qadir Aug 28 '17 at 08:24
  • Try __requestverificationtoken? Small caps and two underscores. – Ulf Kristiansen Aug 28 '17 at 17:24
  • @ Ulf Kristiansen you saved my life many thanks , i did not expect the problem was that . :) can you post an answer so i can make it correct answer ? – Younis Qadir Aug 29 '17 at 06:15
  • Sure, glad it helped! – Ulf Kristiansen Aug 29 '17 at 07:02

2 Answers2

4

It looks like __RequestVerificationToken contains two underscores in the left picture, so try this:

request.Headers["__RequestVerificationToken"]= Token;
Ulf Kristiansen
  • 1,471
  • 2
  • 22
  • 30
  • Ps. In the comments I suggested using small caps as well, but [field names in HTTP headers are case-insensitive](https://stackoverflow.com/a/5259004/1576119), so the extra underscore should do the trick. – Ulf Kristiansen Aug 29 '17 at 07:08
1

The main difference it Saw here was that at the API you are sending 

application/xml

but at the C# code you are sending

application/xml;charset=UTF-8;

In your API, the content length is 230 and in the C# the content length is 227, 3 chars less.

Now, It may be a long shot but charsets work differently with every browser and with every language so there might be an issue when you add charset=UTF-8 in your code.

Send your request as follows: 

 string item = "<?xml version=\"1.0\" encoding=\"UTF - 8\"?>" +
  "<request>" +
  "<Username>admin</Username>" +
  "<Password>" + password + "</Password>" +
  "<password_type>4</password_type>" +
  "</request> ";
var request = (HttpWebRequest)WebRequest.Create("http://192.168.8.1/api/user/login");
request.Method = "POST";
request.Headers["_RequestVerificationToken"]= Token;
request.Headers["Cookie"] = Sess;
byte[] bytes = Encoding.UTF8.GetBytes(item);
request.ContentType = "application/xml";
request.ContentLength = bytes.Length;
Stream streamreq = request.GetRequestStream();
streamreq.Write(bytes, 0, bytes.Length);
streamreq.Close();
using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
using (StreamReader reader = new StreamReader(response.GetResponseStream()))
{
    var result = reader.ReadToEnd();
}
Barr J
  • 9,047
  • 1
  • 22
  • 41