On Wed, 1 Jun 2016 21:19:02 +0300
Stanislav Mihaylov <[email protected]> wrote:

> Hi Nick,
> 
> > On Jun 1, 2016, at 5:53 PM, Nick Kew <[email protected]> wrote:
> > 
> > I've been running some M-Pin sessions capturing
> > and looking at the traffic between the Miracl
> > Javascript client and Python RP server.
> > 
> > Among other things, I see repeated unsuccessful calls:
> > 
> > POST /rps/accessnumber HTTP/1.1^M
> > ....
> 
> The unsuccessful calls are intentional although there is a place for
> improvement by implementing HTTP Long-poll, Websockets or even
> HTTP/2 instead of periodic checks.

Thanks for the replies - both of you.  I was confused because when
I authenticated successfully I got a different request.

> > Content-Type: text/plain;charset=UTF-8^M
> > Cookie: mpindemo_session="..."^M
> > ^M
> > {"webOTT":"13468f969413889e287a69ddc526fef6"}
> > 
> 
> > (aside: that's JSON being sent as text/plain)
> 
> I think an issue should be raised in the javascript client. It seems
> it doesn't send proper headers.

There's a lot of it about.  Looks simple to fix.  I'll
enter it in Jira if you don't get there first.  Probably
need to revisit Jira configuration so we can accept
requests for different components - like JS Client.


> > Now the response to this is a 401, with other HTTP headers
> > whose legitimacy might be in question, and no body:
> > 
> > HTTP/1.1 401 Unauthorized^M
> > Server: TornadoServer/4.1^M
> > Www-Authenticate: Authenticate^M
> 
> The Python RPS server doesn't set and use that HTTP header
> (Www-Authenticate). Probably it's something between you and the
> server. Please give more information about the setup.

Hmmm, I guess that must've been the proxy I used to
log the traffic.  Since a 401 response MUST set a
WWW-Authenticate header, I guess the proxy took a stab
at fixing it.

FWIW, I didn't see any difference in behaviour going
through the proxy vs going direct.

> The successful response happens when you authenticate successfully
> with your mobile client.

I guess I may need to revisit that log!

-- 
Nick Kew
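
Added example, not part of the original thread or of the M-Pin code base: a small lint for captured HTTP/1.1 messages that flags the two header issues discussed above (a JSON body declared as text/plain, and a 401 with a missing or unrecognised WWW-Authenticate challenge). The sample messages are constructed from the capture quoted in the thread, and `KNOWN_SCHEMES` and the function names are assumptions made for this illustration.

```python
import json

# Constructed samples modelled on the capture quoted in the thread.
REQUEST = (
    "POST /rps/accessnumber HTTP/1.1\r\n"
    "Content-Type: text/plain;charset=UTF-8\r\n"
    'Cookie: mpindemo_session="..."\r\n'
    "\r\n"
    '{"webOTT":"13468f969413889e287a69ddc526fef6"}'
)
RESPONSE = (
    "HTTP/1.1 401 Unauthorized\r\n"
    "Server: TornadoServer/4.1\r\n"
    "Www-Authenticate: Authenticate\r\n"
    "\r\n"
)
# Assumption: the auth schemes this deployment expects; adjust per site.
KNOWN_SCHEMES = {"basic", "bearer", "digest", "negotiate"}

def parse(raw):
    """Split a raw message into (start line, lower-cased headers, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers, body

def lint(raw):
    """Return a list of findings for one captured request or response."""
    start, headers, body = parse(raw)
    findings = []
    media = headers.get("content-type", "").split(";")[0].strip().lower()
    if body.strip():
        try:
            is_json = isinstance(json.loads(body), (dict, list))
        except ValueError:
            is_json = False
        if is_json and media != "application/json" and not media.endswith("+json"):
            findings.append("json-body-declared-as:" + (media or "none"))
    if start.startswith("HTTP/") and start.split()[1] == "401":
        challenge = headers.get("www-authenticate")
        scheme = (challenge.split() or [""])[0] if challenge is not None else None
        if scheme is None:
            findings.append("401-without-www-authenticate")
        elif scheme.lower() not in KNOWN_SCHEMES:
            findings.append("401-unrecognised-scheme:" + scheme)
    return findings
```

Running `lint` over each message of a capture taken directly and one taken through the logging proxy shows which headers the proxy added or rewrote.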
