空手道:在空手道 v0.9.5 中上传 .xslx 文件时出现 403 禁止错误 [英] Karate : 403 Forbidden error while uploading .xslx file in Karate v0.9.5

问题描述

我们有一个 API，它采用 POST 请求上传 Excel 文件.

我正在尝试使用多部分文件关键字上传SampleFile.xlsx".

I am trying to upload a "SampleFile.xlsx" by using multipart file keyword.

多部分文件 filename = {read:'SampleFile.xlsx', contentType:'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet', filename:'SampleFile.xlsx'}

And multipart file filename = {read:'SampleFile.xlsx', contentType:'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet', filename:'SampleFile.xlsx'}

方法发布时

并且还尝试将 contentType 更改为下面.

和多部分文件 filename = {read:'SampleFile.xlsx', contentType:'application/octet-stream', filename:'SampleFile.xlsx'}

And multipart file filename = {read:'SampleFile.xlsx', contentType:'application/octet-stream', filename:'SampleFile.xlsx'}

方法发布时

标题信息:

"Content-Disposition: form-data; name="file"; filename="SampleFile.xlsx"[\r][\n]" .CSRF 令牌、JSESSIONID 和特定于应用程序的身份验证参数也在 POST 调用期间使用.

"Content-Disposition: form-data; name="file"; filename="SampleFile.xlsx"[\r][\n]" . CSRF token, JSESSIONID and application specific authentication parameters are also used during the POST call.

同一应用程序的其他 API 使用相同的 cookie 和标头也能正常工作.

Other APIs of the same application are working fine with same cookies and headers.

我们收到如下 403 错误.我们还观察到文件内容被转换为二进制.

内容传输编码:二进制[\r][\n]"[main] DEBUG org.apache.http.wire - http-outgoing-5 >> /core.xmlPK[0x1][0x2]-[0x0][0x14][0x0][0x6][0x0][0x8][0x0][0x0][0x0]![0x0][0xc2]^Y[0x8][0x90][0x1][0x0][0x0][0x1b][0x3][0x0][0x0][0x10][0x0][0x0][0x0][0x0][0x0][0x0][0x0][0x0][0x0][0x0][0x0][0x0][0x0][0x10]/[0x0][0x0]docProps/app.xmlPK[0x5][0x6][0x0][0x0][0x0][0x0][\n]"[主要] DEBUG org.apache.http.wire - http-outgoing-5 <<"HTTP/1.1 403 Forbidden[\r][\n]"

"Content-Transfer-Encoding: binary[\r][\n]" [main] DEBUG org.apache.http.wire - http-outgoing-5 >> "/core.xmlPK[0x1][0x2]-[0x0][0x14][0x0][0x6][0x0][0x8][0x0][0x0][0x0]![0x0][0xc2]^Y[0x8][0x90][0x1][0x0][0x0][0x1b][0x3][0x0][0x0][0x10][0x0][0x0][0x0][0x0][0x0][0x0][0x0][0x0][0x0][0x0][0x0][0x0][0x0][0x10]/[0x0][0x0]docProps/app.xmlPK[0x5][0x6][0x0][0x0][0x0][0x0][\n]" [main] DEBUG org.apache.http.wire - http-outgoing-5 << "HTTP/1.1 403 Forbidden[\r][\n]"

同样的请求在 Postman 和 Jmeter 上运行良好.

The same request works fine on Postman and Jmeter.

请帮帮我！

提前致谢.

(添加 cURL 代码以及我尝试过的所有可能的方法)

(Adding cURL code and also all possible ways I tried)

—cURL from Chrome—

curl 'https://samplexlsx.com/rest/upload' -H 'Sec-获取模式:cors' -H '来源:https://samplexlsx.com' -H '接受编码:gzip, deflate, br' -H 'Accept-Language: en-GB,en-US;q=0.9,en;q=0.8' -H 'X-Requested-With: XMLHttpRequest' -H 'Cookie: dslang=GB-EN;acn01-uat=XXXXXX==;acack-uat=XXXXXX;JSESSIONID=XXXXX.node0;xlsx_IT_srv_id=xxxxdd' -H 'Connection: keep-alive' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) WebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.97.36333-H '内容类型:多部分/表单数据；边界=----WebKitFormBoundaryeqxxxxx' -H 'Accept: application/json' -H 'Cache-Control: no-cache' -H 'Referer: https://samplexlsx.com/' -H 'Sec-Fetch-Site: same-origin' -H 'X-CSRF-Token: xxxxxxx+SjpXDA=' --data-binary $'------WebKitFormBoundaryeqxxxxx\r\nContent-Disposition: form-data;名称=文件"；文件名=sample.xlsx"\r\nContent-Type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet\r\n\r\n\r\n------WebKitFormBoundaryeqxxxxx--\r\n' ———压缩

curl 'https://samplexlsx.com/rest/upload' -H 'Sec-Fetch-Mode: cors' -H 'Origin: https://samplexlsx.com' -H 'Accept-Encoding: gzip, deflate, br' -H 'Accept-Language: en-GB,en-US;q=0.9,en;q=0.8' -H 'X-Requested-With: XMLHttpRequest' -H 'Cookie: dslang=GB-EN; acn01-uat=XXXXX==; acack-uat=XXXXXX; JSESSIONID=XXXXX.node0; xlsx_IT_srv_id=xxxxdd' -H 'Connection: keep-alive' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) WebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36' -H 'Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryeqxxxxx' -H 'Accept: application/json' -H 'Cache-Control: no-cache' -H 'Referer: https://samplexlsx.com/' -H 'Sec-Fetch-Site: same-origin' -H 'X-CSRF-Token: xxxxxxx+SjpXDA=' --data-binary $'------WebKitFormBoundaryeqxxxxx\r\nContent-Disposition: form-data; name="file"; filename="sample.xlsx"\r\nContent-Type: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet\r\n\r\n\r\n------WebKitFormBoundaryeqxxxxx--\r\n' ———compressed

——来自 Postman 的 cURL——

—cURL from Postman--

curl --location --request POST 'https://samplexlsx.com/rest/upload' \--header 'X-CSRF-Token: xxxxxxx+SjpXDA='\--header 'X-Requested-With: XMLHttpRequest' \--header 'Referer: https://samplexlsx.com/' \--header '主机:samplexlsx.com' \--header 'Cookie: dslang=US-EN;acn01-uat=xxxxxxx==;acack-uat=xxxxxxxdddd；JSESSIONID=xxxxxxddd.node0' \--form 'file=@/path/to/file'

curl --location --request POST 'https://samplexlsx.com/rest/upload' \ --header 'X-CSRF-Token: xxxxxxx+SjpXDA=' \ --header 'X-Requested-With: XMLHttpRequest' \ --header 'Referer: https://samplexlsx.com/' \ --header 'Host: samplexlsx.com' \ --header 'Cookie: dslang=US-EN; acn01-uat=xxxxxxx==; acack-uat=xxxxxxxdddd; JSESSIONID=xxxxxddd.node0' \ --form 'file=@/path/to/file’

解决方案列表:

#1.
Given url 'https://samplexlsx.com/rest/upload'
And def MultipartPayload = {}
And set MultipartPayload
  | path        | value                                                               |
  | read        | "classpath:testdata/sample.xlsx"                                    |
  | contentType | 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet' |
  | filename    | 'sample.xlsx'                                                       |
* def headerString1 = {  'Accept-Encoding': 'gzip, deflate, br', 'X-CSRF-Token' : 'xxxxddd', 'Content-Type': 'multipart/form-data', 'Host': 'samplexlsx.com', 'Origin': 'https://samplexlsx.com', 'Referer': 'https://samplexlsx.com/', 'X-Requested-With': 'XMLHttpRequest' , 'User-Agent' : 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) WebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36'}
And configure cookies = cookiesGen
And multipart file file = MultipartPayload
When method post

#2.
And def MultipartPayload = {}
And set MultipartPayload
  | path        | value                            |
  | read        | "classpath:testdata/sample.xlsx" |
  | contentType | 'application/octet-stream'       |
  | filename    | 'sample.xlsx'                    |
* def headerString1 = {  'Accept-Encoding': 'gzip, deflate, br', 'X-CSRF-Token' : 'xxxxddd', 'Content-Type': 'multipart/form-data', 'Host': 'samplexlsx.com', 'Origin': 'https://samplexlsx.com', 'Referer': 'https://samplexlsx.com/', 'X-Requested-With': 'XMLHttpRequest' , 'User-Agent' : 'Apache-HttpClient/4.5.5 (Java/11.0.1)'}
And configure cookies = cookiesGen
And multipart file file = MultipartPayload
When method post

#3.
And multipart field file = {read:'classpath:testdata/sample.xlsx', contentType:'application/octet-stream', filename:'sample.xlsx'}
* def headerString1 = {  'Accept-Encoding': 'gzip, deflate, br', 'X-CSRF-Token' : 'xxxxddd', 'Content-Type': 'multipart/form-data', 'Host': 'samplexlsx.com', 'Origin': 'https://samplexlsx.com', 'Referer': 'https://samplexlsx.com/', 'X-Requested-With': 'XMLHttpRequest' , 'User-Agent' : 'Apache-HttpClient/4.5.5 (Java/11.0.1)'}
And configure cookies = cookiesGen
When method post

#4.
And multipart file file = {read:'classpath:testdata/sample.xlsx', contentType:'application/octet-stream', filename:'sample.xlsx'}
* def headerString1 = {  'Accept-Encoding': 'gzip, deflate, br', 'X-CSRF-Token' : 'xxxxddd', 'Content-Type': 'multipart/form-data', 'Host': 'samplexlsx.com', 'Origin': 'https://samplexlsx.com', 'Referer': 'https://samplexlsx.com/', 'X-Requested-With': 'XMLHttpRequest' , 'User-Agent' : 'Apache-HttpClient/4.5.5 (Java/11.0.1)'}
And configure cookies = cookiesGen
When method post

#5.
And form field Content-Disposition = 'form-data'
And form field name = 'file'
And form field filename = 'sample.xlsx'
And form field Content-Type = 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet'
* def headerString1 = {  'Accept-Encoding': 'gzip, deflate, br', 'X-CSRF-Token' : 'xxxxddd', 'Content-Type': 'multipart/form-data', 'Host': 'samplexlsx.com', 'Origin': 'https://samplexlsx.com', 'Referer': 'https://samplexlsx.com/', 'X-Requested-With': 'XMLHttpRequest' , 'User-Agent' : 'Apache-HttpClient/4.5.5 (Java/11.0.1)'}
And configure cookies = cookiesGen
When method post

#6.
* def temp = karate.readAsString('classpath:testdata/sample.xlsx')
And multipart file file =  { value: '#(temp)', filename: 'sample.xlsx', contentType: 'text/xlsx' }
* def headerString1 = {  'Accept-Encoding': 'gzip, deflate, br', 'X-CSRF-Token' : 'xxxxddd', 'Content-Type': 'multipart/form-data', 'Host': 'samplexlsx.com', 'Origin': 'https://samplexlsx.com', 'Referer': 'https://samplexlsx.com/', 'X-Requested-With': 'XMLHttpRequest' , 'User-Agent' : 'Apache-HttpClient/4.5.5 (Java/11.0.1)'}
And configure cookies = cookiesGen
When method post

#7.
And bytes data = read('classpath:testdata/sample.xlsx')
And multipart file file = { value : '#(data)', filename: 'sample.xlsx', contentType: 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet'}
* def headerString1 = {  'Accept-Encoding': 'gzip, deflate, br', 'X-CSRF-Token' : 'xxxxddd', 'Content-Type': 'multipart/form-data', 'Host': 'samplexlsx.com', 'Origin': 'https://samplexlsx.com', 'Referer': 'https://samplexlsx.com/', 'X-Requested-With': 'XMLHttpRequest' , 'User-Agent' : 'Apache-HttpClient/4.5.5 (Java/11.0.1)'}
And configure cookies = cookiesGen
When method post

#8.
And multipart field read = "classpath:testdata/sample.xlsx"
And multipart field filename = 'sample.xlsx'
And multipart field contentType = 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet'
* def headerString1 = {  'Accept-Encoding': 'gzip, deflate, br', 'X-CSRF-Token' : 'xxxxddd', 'Content-Type': 'multipart/form-data', 'Host': 'samplexlsx.com', 'Origin': 'https://samplexlsx.com', 'Referer': 'https://samplexlsx.com/', 'X-Requested-With': 'XMLHttpRequest' , 'User-Agent' : 'Apache-HttpClient/4.5.5 (Java/11.0.1)'}
And configure cookies = cookiesGen
When method post

#9.
And multipart entity read('classpath:testdata/sample.xlsx')
* def headerString1 = {  'Accept-Encoding': 'gzip, deflate, br', 'X-CSRF-Token' : 'xxxxddd', 'Content-Type': 'multipart/form-data', 'Host': 'samplexlsx.com', 'Origin': 'https://samplexlsx.com', 'Referer': 'https://samplexlsx.com/', 'X-Requested-With': 'XMLHttpRequest' , 'User-Agent' : 'Apache-HttpClient/4.5.5 (Java/11.0.1)'}
And configure cookies = cookiesGen
When method post

错误日志:错误日志

推荐答案

现在已解决.标头中的CSRF-Token"与另一个符号连接.在开发人员的帮助下对其进行了调试.

This is resolved now. "CSRF-Token" in header was concatenated with another symbol. Debugged it with the help of developers .

这篇关于空手道:在空手道 v0.9.5 中上传 .xslx 文件时出现 403 禁止错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！