HTTPSecureSocket fails to parse headers

Jeremie_L · June 8, 2016, 8:49am

Hi all,

Since my last product update, several users are reporting a problem with the HTTPSecureSocket I am using to retrieve data from an API.

[quote]
Stack:

HTTPSecureSocket._ParseHeaders%%os
HTTPSecureSocket._HandleNewData%%o
HTTPSecureSocket.Event_DataAvailable%%o

Delegate.Invoke%%
Application._CallFunctionWithExceptionHandling%%op

REALbasic._RuntimeRun
_Main
main[/quote]

Another problem that seems to be related the headers aren’t parsed although on Mac there is no problem. This is an example:

[quote]
HTTP/1.1 200 OK
Date: Wed, 08 Jun 2016 07:10:18 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.4.42
Content-Length: 359
Connection: close
Content-Type: application/json; charset=utf-8

[
{
“ID”: “128379”,
“studentID”: “352”,
“roomID”: “79”,
“teacherID”: “57”,
“year”: “2015”,
“trimester”: “2”,
“subjectID”: “1391”,
“value”: “B”,
“lastupdate”: “2016-05-31 21:45:05”
}
][/quote]

On Mac the header is correctly parsed and the JSON data can be used with the JSONItem class.

This problem happens since I changed the socket to a HTTPSecureSocket.
With HTTPSocket it worked correctly.

Greg_O_Lone · June 8, 2016, 12:17pm

Well, one of the issues is that you’re trying to parse a 1.1 response, but the Classic framework sockets are only 1.0, but if you would create a feedback case and include (even privately) the url you are accessing, I’d be interested to take a look.

Jeremie_L · June 8, 2016, 12:33pm

Hi Greg,

Thanks for your help:

<https://xojo.com/issue/44205>

Grant_Singleton · June 8, 2016, 12:51pm

HTTPSecureSocket is useless.

Jeremie_L · June 8, 2016, 1:07pm

What should I use instead @Grant Singleton ?

Grant_Singleton · June 8, 2016, 1:23pm

I’m having similar issues with accessing a secure website. See my thread here.

HTTPSecureSocket doesn’t work, and the new framework doesn’t support windows (yet). I’ve attempted many connections using it but it seems to me to be suffering from being stuck to the HTTP 1.0 protocol and not 1.1.

I’ve had minor success with CURL in so far as I’ve at least been able to get through the authentication process, but I’m now having issues with it redirecting. It possibly may have something to do with a SessionID where CURL returns with a 404 error if I attempt to connect directly to my ultimate URL destination after initially connecting successfully.

Current issues identified for myself are:

Authentication Type
User-Agent setting
Cookie processing and management
Redirections

Still have more testing to do.

You can also try CURLSMBS from MonkeyBread. Christian is very helpful.

Cheers
Grant

Jeremie_L · June 8, 2016, 1:36pm

Thanks Grant.
Seems like I’m stuck to using HTTPSocket for the moment as users have a critical need of the new features implemented in the latest update.

I’ll try for some other solutions during the summer, unless Greg comes up with a solution

Greg_O_Lone · June 8, 2016, 2:10pm

[quote=270597:@JrmieLeroy]Thanks Grant.
Seems like I’m stuck to using HTTPSocket for the moment as users have a critical need of the new features implemented in the latest update.

I’ll try for some other solutions during the summer, unless Greg comes up with a solution :)[/quote]
Ok. I really need to see the way you’re setting up the socket. I’ve just tried this on OS X 10.11.5 an on Windows 7 and neither of them are giving the exception you are reporting. For instance, I am using:

[code]// Set up the socket
dim h as new HTTPSecureSocket
h.Secure = True
h.ConnectionType = h.TLSv12

// Set the URL
dim url as string = “https://your url here”

// Send Synchronous Request
dim s as string = h.SendRequest(“GET”,url,30)[/code]

I’ve also tried setting the ConnectionType down to SSLv3 and it still works just fine.

Greg_O_Lone · June 8, 2016, 2:19pm

It would also be helpful to know what version of Xojo you are using.

Grant_Singleton · June 9, 2016, 8:26am

Greg,

I’ll give HTTPSecureSocket another go this weekend. For myself the Authenticate event was not firing.

Xojo 2016r1 Win7 on Parallels Mac Pro 2013 OSX 10.11.5.

Cheers
Grant

Grant_Singleton · June 12, 2016, 6:06am

I’ve been experimenting with HTTPSecureSocket for hours now and I can’t get it to work. My server users Basic authentication, and HTTPSecureSocket seems to continually fire the AuthorizationRequired event and doesn’t authenticate.

I’m at a loss. I don’t know where to go from here.

Something so simple should be easy to do.

Frustrated.
Grant

Greg_O_Lone · June 12, 2016, 11:28am

Okay, so you’re setting the username and password properties and returning True from the event?

The only reason I can think of that the event would continually fire is if the server is resending the headers requesting it.

Grant_Singleton · June 12, 2016, 1:30pm

Greg,

I’ve ditched using the AuthorizationRequired event and now resend the get request with the Authorization request header when I receive an HTTPstatus code of 401 in my response header. I can now successfully access the page that I’m after.

Cheers
Grant

Greg_O_Lone · June 12, 2016, 1:57pm

[quote=271584:@Grant Singleton]Greg,

I’ve ditched using the AuthorizationRequired event and now resend the get request with the Authorization request header when I receive an HTTPstatus code of 401 in my response header. I can now successfully access the page that I’m after.

Cheers
Grant[/quote]
That’s bizarre. We use this internally and it works just fine.