Differences

This shows you the differences between two versions of the page.

--- scripting:restapi [2022/10/03 16:43] – jotasandoku
+++ scripting:restapi [2023/11/02 14:38] (current) – external edit 127.0.0.1
@@ Line 1: / Line 1: @@
-  * [[https://restfulapi.net/security-essentials/|Security_Principles]]
+__REST API (OR REST-API)__
-----
-**CURL**
-\\
-**TODO: curl most common flags**
 \\
-**CRAFTED REQUESTS**\\
-The USER-AGENT makes a request in which they connect to the DOMAIN  (whatever the region is). The actual HTTP-REQUEST is then the line:
-  GET /multizone/channels-json.fcgi?url=mobileapp%3Ade.telekom.t_online_de HTTP/1.1
-So normally hostname and request comes in DIFFERENT PACKETS. The DOMAIN is not traveling in any packet, that's resolved into an IP.
-The entire URL, e.g.: "protocol:/hostname/path"   isn't sent as a single line in HTTP. Instead you get:
-  METHOD path HTTP/Version
-  Host: hostname
-  E.g.http://xyz.com/hello/world
-  GET /hello/world HTTP/1.1
-  Host: xyz.com
-**CURL AND SOCKS**
-\\
-Also see curl examples in [[https://softbackbone.duckdns.org/doku.php?id=network_stuff:linux|External Link]] \\
-  curl --socks5 127.0.0.1:1080 -X GET --header 'Accept: application/json' --header 'X-CSRFToken: WBC93zWg6SMnpzs6vvBXnejzLzpJJQ4LSeuGHsHVbeSHDa7cwlWcrwyGL8v1CTOn' 'http://netbox.uswest-cluster.aws.mycompany1.co.uk:8080/api/dcim/devices/'
-----
 __BUILDING THE URL__
+\\
+[[https://mydevice.mycompany.com/getstuff?queryName=errors&queryResults=yes]]
 \\
   * Parameters
@@ Line 42: / Line 12: @@
   * method, headers, data(body) [[https://www.smashingmagazine.com/2018/01/understanding-using-rest-api/|External Link]]
-[[https://example.com/api/sp/alerts/?filter=/data/attributes/alert_class=dos%20AND%20/data/attributes/importance=2&page=10]]
+----
+FILTERS:
+  * [[https://example.com/api/sp/alerts/?filter=/data/attributes/alert_class=dos%20AND%20/data/attributes/importance=2&page=10]]
+  * Match booleans: ongoing.eq.true  ; match with numbers : attributes/ip_version.eq.4
 \\
   * The URL above has **two parameters** separated by **&**
@@ Line 49: / Line 23: @@
   * If we are told to separate anything with Space, this is how is encoded in the URL : ''%20''. So, if we need something like ' AND ' we encode it as: ''%20AND%20''
+    * [[https://www.w3schools.com/tags/ref_urlencode.ASP|URL_encoding_reference]]
@@ Line 63: / Line 38: @@
   * BACKEND should use/store numeric (ID) primary keys for its logics
+----
+  * [[https://restfulapi.net/security-essentials/|Security_Principles]]
+  * Sample domains:
+    * [[http://ip.jsontest.com]]
+    * [[https://www.w3schools.com/python/demopage.js]]
+----
+**CURL**
+\\
+**TODO: curl most common flags** [[https://gist.github.com/eneko/dc2d8edd9a4b25c5b0725dd123f98b10|External Link]]
+  * -H (header)
+  * -X (request verb to use. Example -X PUT)
+\\
+**CRAFTED REQUESTS**\\
+The USER-AGENT makes a request in which they connect to the DOMAIN  (whatever the region is). The actual HTTP-REQUEST is then the line:
+  GET /multizone/channels-json.fcgi?url=mobileapp%3Ade.telekom.t_online_de HTTP/1.1
+So normally hostname and request comes in DIFFERENT PACKETS. The DOMAIN is not traveling in any packet, that's resolved into an IP.
+The entire URL, e.g.: "protocol:/hostname/path"   isn't sent as a single line in HTTP. Instead you get:
+  METHOD path HTTP/Version
+  Host: hostname
+  E.g.http://xyz.com/hello/world
+  GET /hello/world HTTP/1.1
+  Host: xyz.com
+**CURL AND SOCKS**
+\\
+Also see curl examples in [[https://softbackbone.duckdns.org/doku.php?id=network_stuff:linux|External Link]] \\
+  curl --socks5 127.0.0.1:1080 -X GET --header 'Accept: application/json' --header 'X-CSRFToken: XXXXYYYY' 'http://netbox.uswest-cluster.aws.mycompany1.co.uk:8080/api/dcim/devices/'
 ----

dokucama

User Tools

Site Tools

Differences

Page Tools