scottklement.com

Hello,
I'm getting an error in my log that says "HTTP Error 400. The request has an invalid header name." I think it may be due to the characters in the URL:
Servername.company.com:1234/api/ProcessMessage?custID=GPD?facility=01

What must i to do to translate the characters correctly?
I am using an http_string post.

It also appears part of the url is being removed in the post when looking at the log:
POST /api/ProcessMessage?custID=GPD?facility=01 HTTP/1.1
Host: Servername.company.com:1234

That URL should be: Servername.company.com:1234/api/ProcessMessage?custID=GPD&facility=01 surely?

The "?" introduces the query string. "&"s separate the parameters.

As it is now the second "?" is being treated as part of the value for custID

True, that's very strange that you have two ? characters in the URL. But, that's not technically illegal by HTTP standards -- if the server allows it, it should be fine.

I don't see anything wrong with the info in your post, aside from that.

The error message says something about an invalid header. But, you didn't post any information about the headers, you've only provided info about the URL.

You are correct, the second ? is actually an &.

Perhaps that's not the issue at all and the "subject" is misstating the problem. (I'm totally green on all of this)
Could this be an issue with the windows server config overriding my "application/json" content type?
I am unable to attach the .txt log file so I will paste it here:

HTTPAPI Ver 1.48 released 2023-09-13
NTLM Ver 1.4.0 released 2014-12-22
OS/400 Ver V7R4M0

http_persist_open(): entered
http_long_ParseURL(): entered
DNS resolver retrans: 2
DNS resolver retry : 2
DNS resolver options: x'00000136'
DNS default domain: MYCOMPANY.COM
DNS server found: My IP Address
DNS server found: My IP Address
DNS server found: 8.8.8.8
Nagle's algorithm (TCP_NODELAY) disabled.
http_persist_req(POST) entered.
http_long_ParseURL(): entered
http_long_ParseURL(): entered
do_oper(POST): entered
There are 0 cookies in the cache
POST /wmsapi/ProcessMessage?custID=GPD&facility=01 HTTP/1.1
Host: Server.Company.com:port
User-Agent: http-api/1.48
Content-Type: application/json
Content-Length: 239
al0EF1D38B49A04AB1A5EC8F94F0B6C2E9 - this is an additional header added with http_xproc( HTTP_POINT_ADDL_HEADER / it's a login token


senddoc(): entered
{"Message_Type":"0140","Mode":"A","Vendor_ID":"000039","Vendor_Name":"ADVANCED ALLOYS INCORPORA","Vendor_Address1":"P.O. BOX 2362","Vendor_Address2":"","Vendor_City":"HUFFMAN","Vendor_State":"TX","Vendor_Zip":"77336","Vendor_Country":"US"}
recvresp(): entered
HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Sat, 11 Nov 2023 13:12:53 GMT
Connection: close
Content-Length: 339


SetError() #13: HTTP/1.1 400 Bad Request
recvresp(): end with 400
recvdoc parms: identity 339
header_load_cookies() entered
recvdoc(): entered
SetError() #0:
recvdoc(): Receiving 339 bytes.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Header</h2>
<hr><p>HTTP Error 400. The request has an invalid header name.</p>
</BODY></HTML>

SetError() #13: HTTP/1.1 400 Bad Request
http_close(): entered

al0EF1D38B49A04AB1A5EC8F94F0B6C2E9 - this is an additional header added with http_xproc( HTTP_POINT_ADDL_HEADER / it's a login token

This isn't a valid header. A header always consists of the header name, a colon, and it's value. This appears to only be the value (or part of the value)?

If this is meant to be a bearer token, it should look like this: Where <CRLF> should be replaced with the actual CR and LF characters (x'0d25' in EBCDIC)

Thank you! I found an example you had on another forum and changed my program to reflect that. I had tried putting 'Authorization: + token' + CRLF before posting to this forum and got the same error. When I saw your post, it showed 'Authorization: ' + 'token" + CRLF. I was missing a couple single quotes. I'm still getting an error but it's now keeping the application/json content type. My new error is as follows and I've sent the log to the software vendor, assuming it's an error on the windows server side. Since NTLM is listed in the log header, does that indicate NTLM authorization is required?

HTTPAPI Ver 1.48 released 2023-09-13
NTLM Ver 1.4.0 released 2014-12-22
OS/400 Ver V7R4M0

New iconv() objects set, PostRem=819. PostLoc=0. ProtRem=819. ProtLoc=0
http_persist_open(): entered
http_long_ParseURL(): entered
DNS resolver retrans: 2
DNS resolver retry : 2
DNS resolver options: x'00000136'
DNS default domain: COMPANY.COM
DNS server found: 123.456.789.123
DNS server found: 123.456.789.122
DNS server found: 8.8.8.8
Nagle's algorithm (TCP_NODELAY) disabled.
http_persist_req(POST) entered.
http_long_ParseURL(): entered
http_long_ParseURL(): entered
do_oper(POST): entered
There are 0 cookies in the cache
POST /wmsapi/ProcessMessage?custID=GPD&facility=01 HTTP/1.1
Host: Server.company.com:port
User-Agent: http-api/1.48
Content-Type: application/json
Content-Length: 239
Authorization: al0EF1D38B49A04AB1A5EC8F94F0B6C2E9


senddoc(): entered
{"Message_Type":"0140","Mode":"A","Vendor_ID":"000039","Vendor_Name":"ADVANCED ALLOYS INCORPORA","Vendor_Address1":"P.O. BOX 2362","Vendor_Address2":"","Vendor_City":"HUFFMAN","Vendor_State":"TX","Vendor_Zip":"77336","Vendor_Country":"US"}
recvresp(): entered
HTTP/1.1 500 Internal Server Error
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Server: Microsoft-HTTPAPI/2.0
Date: Sat, 11 Nov 2023 20:56:22 GMT


SetError() #13: HTTP/1.1 500 Internal Server Error
recvresp(): end with 500
recvdoc parms: chunked 0
header_load_cookies() entered
recvchunk(): entered
get_chunk_size(): entered
52

chunk size = 82
get_chunk_size returned 82
calling comm_blockread
{"ErrorCode":-1,"ErrorMessage":"The given key was not present in the dictionary."}
got 82
comm_blockread returned 82


got 2
get_chunk_size(): entered
0

chunk size = 0
get_chunk_size returned 0
SetError() #13: HTTP/1.1 500 Internal Server Error
http_close(): entered

This is not a bearer token. I asked the vendor that question, Their reply was "No, nothing that fancy . It is just the Value for the Authorization header.".

To sum this up... The problem was the token format AND the software vendor has rules on this particular message that ALL properties must be sent (that they failed to divulge). I added the additional properties and it works like a charm!

Thanks so much for your responses.