Unusual HTTP headers in the Plesk API

2019-08-19 06:13发布

The documentation for the Plesk API* gives the following cURL function.

function curlInit($host, $login, $password)

{

  $curl = curl_init();

  curl_setopt($curl, CURLOPT_URL, "https://{$host}:8443/enterprise/control/agent.php");

  curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);

  curl_setopt($curl, CURLOPT_POST,           true);

  curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);

  curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);

  curl_setopt($curl, CURLOPT_HTTPHEADER,

         array("HTTP_AUTH_LOGIN: {$login}",

                "HTTP_AUTH_PASSWD: {$password}",

                "HTTP_PRETTY_PRINT: TRUE",

                "Content-Type: text/xml")

  );



  return $curl;
}

I have a couple of questions.

  1. I have never, anywhere else, seen HTTP headers with underscores in them. Is this an error in the documentation?

  2. What on Earth is HTTP_PRETTY_PRINT? Searching for this just brings me back to Plesk documentation. I can't see it anywhere else.

  3. What's the deal with using HTTP_AUTH_LOGIN and HTTP_AUTH_PASSWD instead of CURLOPT_USERPWD?

Incidentally, whatever options I try, I'm getting the following response from Plesk.

HTTP/1.1 404 Not Found
X-UA-Compatible: IE=EmulateIE7
Content-Type: text/html
Content-Length: 345
Date: Wed, 27 Jun 2012 14:58:15 GMT
Server: sw-cp-server
<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
         "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
 <head>
  <title>404 - Not Found</title>
 </head>
 <body>
  <h1>404 - Not Found</h1>
 </body>
</html>

* Parallels Plesk Panel 9.5:: API RPC Protocol Developer Guide > Client Code Samples > PHP Client Application

2条回答
我欲成王,谁敢阻挡
2楼-- · 2019-08-19 06:57
  1. Plesk uses its own headers. In a custom HTTP request you can add any valid headers. For example, some webservers add their own headers like 'powered by: xxxx', so it’s okay.
  2. The pretty print header is required for pretty XML output.
  3. The HTTP_AUTH_LOGIN header contains the panel user login name. The HTTP_AUTH_PASSWD header contains the panel user password. CURLOPT_USERPWD is not required.
  4. Try using these options:

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_ENCODING, 'UTF-8');
    curl_setopt($ch, CURLOPT_POSTFIELDS, $packet);
    curl_setopt($ch, CURLOPT_TIMEOUT, 1200); //wait 20min
    $response = curl_exec($ch);
    
查看更多
beautiful°
3楼-- · 2019-08-19 07:05

For point 4:

404 would mean the file .../enterprise/control/agent.php has been removed from the server. Many were doing it few months ago to protect from security vulnerability before the patch has been shipped. I would recommend to check /usr/local/psa/admin/logs/httpsd_access_log file for errors and also availability of /usr/local/psa/admin/htdocs/enterprise/control/agent.php

查看更多
登录 后发表回答