8

I am trying to create a new paste using the PasteBin API with request module like so: 

var request = require("request");
request({
    url : "http://pastebin.com/api/api_post.php",
    method : "POST",
    qs : {
        "api_dev_key" : MY_DEV_KEY,
        "api_option" : "paste",
        "api_paste_code" : "random text"
    }
},function(err,res,body){
    ...
});

My understanding is that since the method is POST and querystring parameters are provided, the values in qs object will be stored as key=value pairs in the body. (Ref: How are parameters sent in an HTTP POST request?)

However, I get back a Bad API request, invalid api_option from PasteBin. So I curled the request from my terminal like so: 

curl -X POST "http://pastebin.com/api/api_post.php" -d "api_dev_key=[MY_DEV_KEY]&api_option=paste&api_paste_code=some+random+text"

and this worked.

So this leads to two questions:

  1. How exactly are the parameters sent when a POST request is made and qs is provided?
  2. How do I send URL-encoded body using just the request module?
Improve this question
0

2 Answers 2

Reset to default
12

Rename the qs key to form in the object. The qs key is for specifying the query string on the end of the URL (e.g. For GET requests). The form key is for specifying the form URL encoded request body (e.g. For a POST request).

Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

I came to my conclusion (that POST + qs = url-encoded body) because some APIs (that state they want a url-encoded body) work fine if I use qs instead of form while making a POST request. Any insight into this? (:
@LittleChild my best guess is that those APIs are doing something like body = req.body || req.query or something like that. Meaning that it will look for the POST data in either the body of the request or in the query string.
Correct me if I am wrong, POST is used for sending sensitive data that shouldn't be sent as a part of the URL. So the APIs that allow data to be sent as querystring (whilst mentioning url-encoded body in the documentation) are exposing the data for everyone to see?
@LittleChild so long as you're sending the request to an HTTPS endpoint you should be fine. The connection to the SSL endpoint is established before the path header is sent (which would contain the query string). See here: stackoverflow.com/a/323286/1397319
Thanks a ton, mate! The link to the SO question answered another question I had in mind.
3

the same issue for me and my resolution which is perfectly working for me is.

request.post({
headers: {
    'Content-Type': 'application/x-www-form-urlencoded'
},
url : "http://pastebin.com/api/api_post.php",
body : "api_dev_key=MY_DEV_KEY&api_option=paste&api_paste_code=andom text"},function(err,res,body){  ...});
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.