5

I'm doing a little bit of reverse engineering on the Rapportive API in Gmail.

I make this request 

import requests
url ='https://api.linkedin.com/uas/js/xdrpc.html'
r = requests.get(url)
print r.text

The response is an empty HTML file that has a lot of Javascript in it. On line 3661, it sets the RequestHeader for the subsequent call to Rapportive: 

ak.setRequestHeader("oauth_token", ae);

Is there a way I can request that page and then return ae?

Improve this question
8
  • The only thing in the file is JS, or there is JS mixed inside an HTML body? Commented Jan 1, 2016 at 0:30
  • Only JS. You can actually run that code and see the response. The Rapportive API is really flexible. Commented Jan 1, 2016 at 0:31
  • You need to execute all the Javascript, because that's what sets ae. Commented Jan 1, 2016 at 0:46
  • I thought by running the page, it runs the javascript and sets the oauth header? How can I intercept it? Commented Jan 1, 2016 at 0:48
  • 1
    requests.get() is not a Javascript interpreter, it just performs the HTTP request to download the contents of the file. Commented Jan 1, 2016 at 1:53

2 Answers 2

Reset to default
1

I think you can try:

  1. Get the page as you already does;
  2. Remove all non-javascript elements from the response page;
  3. Prepend a javascript (described below) in the page's javascript to override some code;
  4. Execute it with eval('<code>');
  5. Check if the token has been set correctly;

I'm proposing the following code to override the XMLHttpRequest.setRequestHeader functionality to be able to get the token:

// this will keep the token
var headerToken; 

// create a backup method
XMLHttpRequest.prototype.setRequestHeaderBkp = 
XMLHttpRequest.prototype.setRequestHeader; 

// override the "setRequestHeader" method
XMLHttpRequest.prototype.setRequestHeader = function(key, val)
{
  if ('oauth_token' === key)
    headerToken = val;

  this.setRequestHeaderBkp(key, val);
}
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

I'll give this a try!
@MorganAllen any news about the problem?
0

If you are just interested in retrieving the token can't you just do a regex match:

var str = '<script>var a = 1;...ak.setRequestHeader("oauth_token", ae);...</script>';
var token = str.match(/setRequestHeader\("oauth_token",\s*([^)]+)/)[1];

Although this assumes ae is the actual string value. If it's a variable this approach wouldn't work as easily.

Edit: If it's a variable you could do something like:

str.replace(/\w+\.setRequestHeader\([^,]+,\s*([^)]+)\s*\);/, 'oauthToken = \1';

Before running the JavaScript returned from the page, then the global oauthToken (notice the missing 'var') will contain the value of the token, assuming the the evaluation of the code is run in the same scope as the caller.

Improve this answer

4 Comments

Well, I'm hoping to be able to request the page, parse it somehow and access token.
You are extracting simple string ae from response text. What it is necessary, it's ae value in javascript context. Imagine: var ae = "foo"; ak.setRequestHeader("oauth_token", ae);. You code will extract ae string, not foo value.
@Valijon in my edit we are replacing the statement ak.setRequestHeader("oauth_token", ae); with oauthToken = ae;. Therefore after the code has been run, the global variable we just declared should in theory contain ae's value.
I'm lost. We are speaking different things. Try to adapt your code to python syntax and check if you are right. Because, I don't see how are you going to get ae value from string...

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.