Click here to Skip to main content
15,566,065 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
hi i haw a acount in a website and ther is some field and a button
when you click the button the browser send a request to the serve.

in google chrome you can run javascript code in console tollse

i want to send the request instead clicking the button


this is the browser request that is without problem
JavaScript
googlechrome console >> network

General

Request URL: https://site.com/api/x
Request Method: POST
Status Code: 200 OK
Remote Address: 283.4.246.174:443
Referrer Policy: strict-origin-when-cross-origin

-----------------------------------------------------------

Response Headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://site.com
Content-Encoding: gzip
content-length: 207
Content-Security-Policy
Content-Type: application/json
Date: Fri, 15 Jan 2021 11:14:34 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Vary: Origin,Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: master-only
X-XSS-Protection: 1; mode=block

-----------------------------------------------------------

Request Headers

Accept: application/json, text/plain
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9,fa;q=0.8
Connection: keep-alive
Content-Length: 550
Content-Type: application/json
Cookie: _ga=GA1.2.6054475.1607011012; PLAY_LANG=fa; cookiesession1=0DSJSD9P11OUN7RFD8V2TDLYFR054FD; PLAY_SESSION=090f8dfg45654df7rt8477921fdce2901-client_login_id=39eef7409873e9a659a01&client_id=b8456ddcfc287a096e&authToken=e32a323dfa9048a173a216bcc
DNT: 1
Host: site.com
Origin: https://site.com
Referer: https://site.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36
X-App-N: 234587302048.61669664

-----------------------------------------------------------

Request Payload

{param1:value1,param2:value2}

param1:value1
param2:value2



but when i send the request in google chrome console i get 403 error and this message
"Security problem. Invalid request."

my code
JavaScript
var url = 'https://site.com/api/x';
 var params = '"param1":"value1","param2":"value2"';
 var http = new XMLHttpRequest();

 http.open('POST', url, true);

 http.setRequestHeader('Content-Type', 'application/json');

  http.send(params);


What I have tried:

send request to server in google chrome console
Posted
Updated 16-Jan-21 1:15am
v2

1 solution

you didnt build the json data correctly.
try to use:
http.send(JSON.stringify({ "param1": "", "param2": "" }));
 
Share this answer
 

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900