开发者

XMLHttpRequest over SSL from Firefox extension

I'm going to develop a firefox extension which makes an XMLHttpRequest to this WebService.

I can query the service correctly with the following code (from the overlay.js):

var req = "<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:dat=\"http://webservice.whereisnow.com/datatypes\"><soapenv:Header/><soapenv:Body><dat:CurrentDocument><dat:applicationId>1</dat:applicationId><dat:publisherId>84</开发者_开发百科dat:publisherId><dat:documentId>8</dat:documentId><dat:versionId>1</dat:versionId></dat:CurrentDocument></soapenv:Body></soapenv:Envelope>";
var xmlhttpreq =  Components.classes["@mozilla.org/xmlextras/xmlhttprequest;1"].createInstance(Components.interfaces.nsIXMLHttpRequest);

xmlhttpreq.open("POST","https://www.whereisnow.com/webservice",false); // false = async
xmlhttpreq.channel.loadFlags |= Components.interfaces.nsIRequest.LOAD_BYPASS_CACHE;      
xmlhttpreq.send(req);
if (xmlhttpreq.readyState == 4){ 
   if(xmlhttpreq.status == 200)
      alert(xmlhttpreq.responseText);
   else
      alert("Error: xmlhttpreq.status = " + xmlhttpreq.status)
   }
else
   alert("Not ready: xmlHttpreq.readyState = " + xmlHttpreq.readyState);

The responseText will be a valid xml that I can manipulate, but the WebService can be accessed both via http and https (SSL), and I MUST do it over https because authentication is required to do some stuff.

In order to access via https I MUST modify the endpoint using https:// instead of http:// and the request xml in this way:

var req = "<soapenv:Envelope xmlns:dat=\"http://webservice.whereisnow.com/datatypes\" xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\"><soapenv:Header><wsse:Security xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\"><wsse:UsernameToken wsu:Id=\"UsernameToken-1\" xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd\"><wsse:Username>MY_USERNAME</wsse:Username><wsse:Password Type=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText\">SHA1_OF_MY_PASSWORD</wsse:Password></wsse:UsernameToken></wsse:Security></soapenv:Header><soapenv:Body><dat:CurrentDocument><dat:applicationId>1</dat:applicationId><dat:publisherId>84</dat:publisherId><dat:documentId>10</dat:documentId><dat:versionId>1</dat:versionId></dat:CurrentDocument></soapenv:Body></soapenv:Envelope>";

The problem is that the server status is always 500 and the responseText is always this:

<?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><soapenv:Body><soapenv:Fault><faultcode>soapenv:Server</faultcode><faultstring>InvalidSecurity</faultstring><detail></detail></soapenv:Fault></soapenv:Body></soapenv:Envelope>

Any help?


EDIT

With the code found at this url I discovered that the SSL certificate of the service is correctly working. So I think the problem isn't about https...


solved adding the following lines after the open(...):

xmlhttpreq.setRequestHeader("Content-Type", "text/xml; charset=utf-8");
xmlhttpreq.setRequestHeader("SOAPAction", "whereIsNow");
0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜