2

I have mocked up a form that I plan on using to post arbitrary values to arbitrary URLs. I am using this mainly to test web services that I am developing via a browser. The page has <input>s for form method and action and many pairs of input="text" controls to set the name/value pairs that get posted.

This works wonderfully for my services that require the default querystring encoding, i.e.:

POST http://mysite.com/MyService.svc/CheckUsername HTTP/1.1
User-Agent: Fiddler
Host: mysite.com
Content-Length: 15
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

userName=Tester

However, some web services obviously require the data in other formats. Specifically the service I am trying to accommodate is accepts XML: 

POST http://mysite.com/MyService.svc/checkusername HTTP/1.1
User-Agent: Fiddler
Host: mysite.com
Content-Length: 60
Content-type: text/xml
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

<CheckUsername> <username>tester</username> </CheckUsername>

How do I get complete control over the payload of a form POST so I can structure the payload properly? Ideally, the solution will be HTML only, but I am also making heavy use of jQuery on the page so using that is also an option. I know I can fully manipulate the data using $.ajax() but unless I am mistaken, this is not an option because of the same origin policy - I want this form to be able to post to any of my sites without having to upload it to the web server.

Jeff
  • 13,943
  • 11
  • 55
  • 103

2 Answers2

2

I think the only option here is a proxy-script on your server that will make POST requests using cURL. (See passing $_POST values with cURL for PHP example). Instead of posting to the web service you would post to the script on your own server, and then that script would post to the web service.

If not for cross-domain requests, POST requests with arbitrary body can be made easily:

$.post(
  'http://example.com',
  '<CheckUsername><username>tester</username></CheckUsername>')

You could also use Flash, CORS or iframe to solve your cross-domain issues, but these would require cooperation from the web service, i.e. crossdomain.xml file or Access-Control-Allow-Origin header, which, I guess, is not an option.

Community
  • 1
  • 1
Alexey Lebedev
  • 11,988
  • 4
  • 39
  • 47
1

Modern browsers can use AJAX cross-domain (CORS; jQuery supports this out of the box) but the server must allow it by using special headers in its reply. Other than that, I don't think you can post something that is not urlencoded and does not contain at least one = sign.

Tgr
  • 27,442
  • 12
  • 81
  • 118