javascriptparse-platformhttprequestparse-cloud-codehttp-request

Logging Into Site Using Javascript HTTP Request?


I'm attempting to log into my nike account using http requests and parse. Here's my request:

Parse.Cloud.httpRequest({
      method: 'POST',
      headers: {
        'Content-Type' : 'application/x-www-form-urlencoded; charset=UTF-8'
      },
      url: 'https://www.nike.com/profile/login',
      params: {
          'Content-Locale' : 'en_US',
      },
      body: {
          'login' : <userId>,
          'rememberMe' : 'true',
          'password' : '<password>'
      }
    }).then(function(httpResponse) {

      //Log
      console.log(httpResponse.text);
    }, function(httpResponse) {

      //Log
      console.error('Request failed with response code ' + httpResponse.status);
});

I'm using rest to call my function, and it's working correctly. The only problem is that it keeps returning a 403 error. Is there something I'm doing wrong with my request?

Here is all the info of the actual request I found in Safari when logging in through the browser (NOTE: I'm new to http requests).

enter image description here

Update:

The image above is of a valid login using the web browser.

Also, here's an image of the request and response section for more details:

enter image description here


Solution

  • I don't believe there's anything wrong with your request structure, if you are consistently seeing 403 - Forbidden response. That implies that your request is being rejected due to cross-origin restrictions, improper or unexpected request headers and/or spoofing your referrer and origin, etc.

    But without knowing the details of Nike's login services, we can only speculate.

    I would expect to see other HTTP responses like 400 Bad Request, 406 Not Acceptable, 500 Timeout, etc if there was something fundamentally wrong with your request.

    To properly answer, we'd need to know more details about the environment your requests are made from. Is this a local server? Are you a Nike developer with access to internal nike.com environments? Where is this HTTP request being initiated from?

    The best I can suggest with the information provided is some tools to help troubleshoot further:

    I can't post more than 2 links yet, but search for cross origin access and http status codes for more details on general HTTP requests.