Jump to content
Ketarin forum

Accept header not sent


Recommended Posts

One source of software that I need now requires a valid Accept header with every request. (The webmaster said they do this to cut down on denial of service attacks and other problems.)

Ketarin doesn't send one, so I get a 403 Forbidden response.
(The version on Ketarin is 1.8.8 beta 4, running on Windows 7.)

I used WireShark to capture the packets involved [ket-no_accept-forbidden-pkt (Small).jpg].

Ketarin has a way of sending an Accept header, described at
https://wiki.ketarin.org/index.php/HTTPX_protocol so I tried this URL:
httpx://scripts.sil.org/cms/scripts/page.php?site_id=nrsi&id=ViewGlyph_home?header:accept=*/*

That request doesn't get past the first SYN in the SYN, SYN-ACK, ACK sequence.

When I try with Firefox, I see a separate Accept field, the default that firefox uses, as in [fox-default-accept (Small).jpg].

I got to this point, and wasn't allowed to upload any more screenshots, so I moved across to my Google Drive and made a doc there with all the screenshots in it. Please see the full message, with screenshots, at
https://docs.google.com/document/d/1eTuN1egYO2pfZvxKSozuP0fKA2yrYHiwLV8NNN3cV_o/edit?usp=sharing

Jim

 

 

ket-no_accept-forbidden-pkt (Small).jpg

Link to post
Share on other sites

Thanks, floele.

I wasn't able to get httpx to produce an Accept header at that address even with "&" instead of "?".

I tried again at another site that doesn't require an Accept header:
httpx://sourceforge.net/projects/sevenzip/files/7-Zip/?header:accept=*/*

and still there wasn't any Accept header, as you can see in the screenshot [ket-forge-no-Accept (Small).jpg]
I tried it again without the "/" before the "?header . . .", with a similar result.

Ketarin seems to send the URL as entered in the recipe. It seems to me I should see in the packet a separate field
Accept: */*
like in the firefox screenshot in the Google Doc.

Have I not understood how to make httpx work?

ket-forge-no-Accept (Small).jpg

Link to post
Share on other sites

floele, you said you plan to add Accept headers to Ketarin.

Do you plan to use a default Accept header?

Or perhaps you will let the user specify an Accept header for each recipe?

While I was finding out what Accept headers are, I came across this interesting article about the different default headers sent by different browsers, and how much more IE sends by default:
https://www.newmediacampaigns.com/blog/browser-rest-http-accept-headers

You might find it helpful, and this one as well:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Content_negotiation/List_of_default_Accept_values

Thanks again,
Jim

Link to post
Share on other sites

Thanks for your response. It seems that the HTTPX URL does not work for lookups for variables. Have another look at the most recent screenshot. You'll see that Ketarin sends an "Accept-Encoding" field, but does not send a separate "Accept" field. Instead, it sends the "?header:accept=*/*" as part of the main URL.

Looking forward to the updated version of Ketarin, when you get time.
Jim

Link to post
Share on other sites
  • 3 months later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.