landfill bugzilla returns 403 forbidden

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

landfill bugzilla returns 403 forbidden

shane.trahan
I am continually receiving 403 forbidden when access the jsonrpc.cgi. I thought it was something with the Apache server related to my instance but I am also receiving a similar issue when posting to landfill..

Does landfill allow testing of jsonrpc methods?  I should at a minimum be able to receive the token to use with subsequent request?

Thank you

here is the code

<?php
ob_start();
// Get cURL resource
$curl = curl_init();
// Set some options - we are passing in a useragent too here
curl_setopt_array($curl, array(
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_URL => 'https://landfill.bugzilla.org/bugzilla-4.4-branch/jsonrpc.cgi',
CURLOPT_USERAGENT => 'Codular Sample cURL Request',
CURLOPT_POST => 1,
CURLOPT_HEADER =>1,
CURLOPT_POSTFIELDS => array(
Bugzilla_login => 'username',
Bugzilla_password => 'password'
       
   )
));
// Send the request & save response to $resp
$response = curl_exec($curl);
echo $response;
?>

The Header response is
HTTP/1.1 100 Continue HTTP/1.1 403
Date: Fri, 31 Mar 2017 20:04:04 GMT
Server: Apache X-xss-protection: 1; mode=block
Strict-transport-security: max-age=604800
X-frame-options: SAMEORIGIN X-content-type-options: nosniff Set-Cookie: Bugzilla_login_request_cookie=DDD0gGzSUq; path=/bugzilla-4.4-branch/; secure; HttpOnly Transfer-Encoding: chunked Content-Type: application/json; charset=UTF-8

Content is
No Data
_______________________________________________
support-bugzilla mailing list
[hidden email]
https://lists.mozilla.org/listinfo/support-bugzilla
PLEASE put [hidden email] in the To: field when you reply.
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: landfill bugzilla returns 403 forbidden

shane.trahan
Thank you for responding to this. It does work with get, no problem.. It just seems to be where METHOD is POST that the 403 FORBIDDEN gets returned.

Should I be passing the Bugzilla_login_request_cookie back to the server as a form variable?

Thanks in advance



On Saturday, April 1, 2017 at 4:53:41 AM UTC-4, Thorsten Schöning wrote:

> Guten Tag [hidden email],
> am Freitag, 31. März 2017 um 22:09 schrieben Sie:
>
> > Does landfill allow testing of jsonrpc methods?  I should at a
> > minimum be able to receive the token to use with subsequent request?
>
> It should, simply test with our browser. I don't get a 403.
>
> https://landfill.bugzilla.org/bugzilla-4.4-branch/jsonrpc.cgi?method=Bugzilla.time
> https://www.bugzilla.org/docs/4.4/en/html/api/Bugzilla/WebService/Server/JSONRPC.html#Connecting_via_GET
>
> > The Header response is
> > HTTP/1.1 100 Continue HTTP/1.1 403
>
> Look at your request, using some tool like Wireshark or such, are you
> really sending an "Expect: 100-continue" header o your own? I'm
> thinking about a proxy or such interfering with your communication.
>
> > Set-Cookie: Bugzilla_login_request_cookie=DDD0gGzSUq;
>
> This looks like your request has been processed, because only Bugzilla
> sets these cookies. Additionally, you don't seem to get a valid JSON
> response, but Bugzilla documents to always provide such even in case
> of an error.
>
> https://www.bugzilla.org/docs/4.4/en/html/api/Bugzilla/WebService/Server/JSONRPC.html#ERRORS
>
> Mit freundlichen Grüßen,
>
> Thorsten Schöning
>
> --
> Thorsten Schöning       E-Mail: [hidden email]
> AM-SoFT IT-Systeme      http://www.AM-SoFT.de/
>
> Telefon...........05151-  9468- 55
> Fax...............05151-  9468- 88
> Mobil..............0178-8 9468- 04
>
> AM-SoFT GmbH IT-Systeme, Brandenburger Str. 7c, 31789 Hameln
> AG Hannover HRB 207 694 - Geschäftsführer: Andreas Muchow

_______________________________________________
support-bugzilla mailing list
[hidden email]
https://lists.mozilla.org/listinfo/support-bugzilla
PLEASE put [hidden email] in the To: field when you reply.
Loading...