-1

You must GET the "candidates/2021_05/mohamed_nagy_b3b03cbe" resource from a website service: https://hire.verkata.com/askme/ Make the GET request above appear as if you're sending it by following a link to the resource from http://google.com/candidates/mohamed_nagy using a Chrome browser running on an Android Phone. Otherwise, the web service will give you an Access Denied error. can anyone give me some guidance on how we can do some tasks like that in android, while I didn't do so before, please? Note: I am using pure JavaSacript fetch API but can't solve the puzzle, Unfortunately.

client index.js

let button = document.getElementById('generate');
let Info = document.querySelector('Info');
const key = 'candidates/2021_05/mohamed_nagy_b3b03cbe';
const url = 'https://hire.verkata.com/askme/';
button.addEventListener('click', () => {
    fetchWeather(url, key)
        .then((data) => {
            postData('/', {
                Information: data.content(),
            })
        }).then(() => {
            updateUI();
        })
});
const fetchWeather = async (url, key) => {
    const res = await fetch(url + key)
    try {
        const data = await res.json();
        console.log(data);
        return data;
    } catch (error) {
        console.log("Error:", error) // appropriately handle the error
    }
};
const postData = async (url = '', data = {}) => {
    console.log(data)
    const response = await fetch(url, {
        method: 'POST',
        credentials: 'same-origin',
        headers: {
            'Content-Type': 'application/json',
        },
        body: JSON.stringify(data), // body data type must match "Content-Type" header
    });
    try {
        const newData = await response.json();
        console.log(newData);
        return newData
    } catch (error) {
        console.log('Error', error);
    }
};
const updateUI = async () => {
    const request = await fetch('/all');
    try {
        const allData = await request.json();
        console.log(allData);
        document.getElementById('info').innerHTML = allData.Info;
    } catch (error) {
        console.log('error', error);
    }
};

server.js

let projectData = {};
const express = require('express');
const app = express();
const bodyParser = require('body-parser');
app.use(bodyParser.urlencoded({
    extended: true
}));
app.use(bodyParser.json());
const cors = require('cors');
app.use(cors());
const fetch = require('node-fetch');
app.use(express.static('website'));
const port = 8888;
app.listen(port, () => { 
    console.log(`server is running on localhost port number: ${port}`)
});
app.post('/', (req, res) => {
    console.log(req.body)
    const newEntry = {
        Info: req.body.Information,
    }
    projectData = newEntry // projectData.push(newEntry)
    res.send(projectData)
});
app.get('/all', (req, res) => {
    console.log(projectData);
    res.send(projectData);
});

HTML

<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Fetch API</title>
<link href="https://fonts.googleapis.com/css?family=Oswald:400,600,700|Ranga:400,700&display=swap" rel="stylesheet">
<link rel="stylesheet" href="style.css">
<!--[if lt IE 9]>
  <script src="https://cdnjs.cloudflare.com/ajax/libs/html5shiv/3.7.3/html5shiv.js"></script>
<![endif]-->
</head>
 <body>
<div id = "app">
  <div class ="holder">
    <a href="http://google.com/candidates/2021_05/mohamed_nagy_b3b03cbe"><div class="button" id="generate">Send Get Info</div></a>
  </div>
  <div class ="entry">
    <div class = "title">Most Recent Entry</div>
   <div id = "Holder">
   <div id = "Info"></div>
  </div>
  </div>
  </div>
<script src="app.js" type="text/javascript"></script>
</body>
</html>

the server just telling me can't get because of 404 not fount on this server

Abunagy
  • 23
  • 8
  • 1
    Can you show us what you tried so far code-wise? – Gaëtan Boyals May 20 '21 at 08:37
  • I wrote the server-side code @Gaëtan Boyals, won't like to write boring questions I want any ideas or any kinds of help please – Abunagy May 20 '21 at 08:47
  • I saw your server.js and it seems like valid JS code to me, other than it's not really "server" code since it's executed in the browser. However, I still don't have enough context to fully answer your question: what does your html code look like? why is there a POST request if you just have to retrieve data (as your first sentence states)? what are you trying to achieve exactly? where does the code crash? I'm more than willing to help, but you have to help me fully understand your problem first. – Gaëtan Boyals May 20 '21 at 09:00
  • really grateful to you my brother this is the client-side code or app.js or any name my problem that they want me to reach to the resources on their website to be able to reach them and contact them and they have given me three parts of links I will reattach all parts, @Gaëtan Boyals – Abunagy May 20 '21 at 09:10
  • Thanks for the context, I'll write a detailed answer when I come back from lunch. – Gaëtan Boyals May 20 '21 at 10:06

4 Answers4

1

You don't need a server side code. Actually you don't need to write any code to make a GET request.

You can use API Client tools such as Postman.

The request should be in this format:

  • method: GET
  • Referer: "http://google.com/candidates/mohamed_nagy",
  • User-Agent: "Mozilla/5.0 (Linux; Android 10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Mobile Safari/537.36"

(User-Agent is required to simulate a Chrome browser running on an Android Phone.)

So, you can get a response, "You need to retrieve the puzzle within 72 hours of receiving the email".

Batuhan
  • 11
  • 1
1

You need to use three things to solve this puzzle.

  1. Get method
  2. User Agent
  3. Referrer

You can find the sample Python Code below.

import requests

url = "https://hire.verkata.com/askme/candidates/2021_05/mohamed_nagy_b3b03cbe"

"""  https://www.whatismybrowser.com/guides/the-latest-user-agent/android  """
headers = {'user-agent': 'Mozilla/5.0 (Linux; Android 12) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.99 Mobile Safari/537.36',
           'Referer':'http://google.com/candidates/mohamed_nagy'
           }

response = requests.get(url, headers=headers)

from bs4 import BeautifulSoup

soup = BeautifulSoup(response.content, "html.parser")
print(soup.prettify())
Veysel Sercan Ağzıyağlı
  • 21
  • 2
0

Try chaning this in your HTML code add this

    <a href="http://google.com/candidates/2021_05/mohamed_nagy_b3b03cbe"><div class="button" id="generate">Send Get Info</div></a>       

instead if this in the address :    
           <a href="http://google.com/candidates/2021_05/mohamed_nagy_b3b03cbe"><div class="button" id="generate">Send Get Info</div></a>       

to this    
        <a href="https://hire.verkata.com/askme/candidates/2021_05/mohamed_nagy_b3b03cbe"><div class="button" id="generate">Send Get Info</div></a>       

or just change the href attribute to 
    href="#"
USER249
  • 1,080
  • 7
  • 14
  • http://google.com/candidates/mohamed_nagy, candidates/2021_05/mohamed_nagy_b3b03cbe https://hire.verkata.com/askme/ i have changed everything and tried every combination, I think this is not my problem, the problem is how to use the three parts of links in routs from a href as clicked in addition to the fetch that use the other links to combine all together – Abunagy May 20 '21 at 09:53
0

There's a few things you can improve here and there. It seems like it's a student exercice and the subject doesn't specify the methods you should use to implement your solution, so let's go the fastest route.

You don't need server-side code

You must GET the "candidates/2021_05/mohamed_nagy_b3b03cbe" resource from a website service: https://hire.verkata.com/askme/ Make the GET request above appear as if you're sending it by following a link to the resource from http://google.com/candidates/mohamed_nagy using a Chrome browser running on an Android Phone. Otherwise, the web service will give you an Access Denied error.

The subject doesn't say what you have to do with the data fetched to the URL https://hire.verkata.com/askme/ so I'll assume you just have to display them.

In this case, you don't need your whole server.js file. Express.js is a web framework to build all kinds of things, especially APIs and web apps, but since you don't seem to need routing nor back-end app in any way, you can just scrape it.

Acceptable HTML/JS

Again, as the subject doesn't mention anything (and since it probably won't be used in any kind of production environment), you can just put all your code in a single HTML file and it'll work just as expected.

Here's what I would do. (Keep in mind that the code below is not professional at all, and we go the fastest route, hence the acceptable in heading)

<!DOCTYPE html>
<html lang="en">
<head>
  <meta charset="UTF-8">
  <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
  <meta name="viewport" content="width=device-width, initial-scale=1.0">
  <title>Fetch API</title>
  <link href="https://fonts.googleapis.com/css?family=Oswald:400,600,700|Ranga:400,700&display=swap" rel="stylesheet">
  <link rel="stylesheet" href="style.css">
  <!--[if lt IE 9]>
  <script src="https://cdnjs.cloudflare.com/ajax/libs/html5shiv/3.7.3/html5shiv.js"></script>
  <![endif]-->
</head>
<body>
<div id="app">
  <div class="holder">
    <button class="button" id="call-server">Send Get Info</button>
  </div>
  <div class="entry">
    <div class="title">Most Recent Entry</div>
    <div id="holder">
      <div id="display-info"></div>
    </div>
  </div>
</div>
</body>
<script>
  let button = document.getElementById('call-server');
  let info = document.getElementById('display-info');
  const key = 'candidates/2021_05/mohamed_nagy_b3b03cbe';
  const url = 'https://hire.verkata.com/askme/';

  button.addEventListener('click', () => {
    fetchWeather(`${url}${key}`)
      .then((data) => {
        console.log(data);
        info.innerHTML = data;
      }).catch((err) => {
      console.error(err);
    })
  });

  const fetchOpts = { method: 'GET',
    referrer: "http://google.com/candidates/mohamed_nagy",
  };
  const fetchWeather = async (fullUrl) => {
    try {
      const res = await fetch(fullUrl, fetchOpts)
      return await res.json();
    } catch (error) {
      console.log("Error:", error) // appropriately handle the error
    }
  };
</script>
</html>

I took your code and simplified it. No need for a <a> tag, that would redirect you to the link you give it in the href attribute. What they meant by

Make the GET request above appear as if you're sending it by following a link to the resource from http://google.com/candidates/mohamed_nagy

is setting the referrer header in the request. More info on this here and here.

But it still doesn't work as of the time of this answer, and here's (partially) why.

What THEIR problem is

When navigating with a browser to the full URL you gave in your post, we can see that an error pops-up directly from PHP:

Notice: Undefined index: HTTP_REFERER in /var/www/html/hire/actions/requests.php on line 34

What this error tells is that the server couldn't find the header referer in the request. As this answer states, the referer header is not guaranteed to be sent by the browser.

Unfortunately, the same error pops whether the referer header is set or not. I tried almost all the combinations of referrer and referrerPolicy and it seems it never let me access anything.

In any case, it is an uncaught error on their side and this error should never be displayed to the end user no matter what.

Conclusion

Try double-checking the URL you try to reach to see if there's any typo. If you're 100% sure of the URL, try contacting the owner or developer of https://hire.verkata.com and tell them they have an uncaught error while checking the referer header.

Gaëtan Boyals
  • 1,193
  • 1
  • 7
  • 22
  • Appreciate your effort bro thanks a lot for this effort I already have done the same solution and it seems that the time been passed because it was a timed task, so it's gone or removed from the resources of this website, temporary resource, anyway it was great talking to you @Gaëtan Boyals – Abunagy May 21 '21 at 01:48