Brad Bansner
asked on
How to send an HTTPS POST to an external URL and receive response using Classic ASP
Many years ago, I needed a way to send POST requests via HTTPS in order to interact with APIs such as Authorize.Net and UPS Online Tools, among others, from my Classic ASP pages.
I found a Windows server component (DLL) called KHTTP that would send out the requests and put the results into an ASP variable. It worked with HTTP and HTTPS, as well as regular POST and XML data, could pull in the content from any external URL (even if not POSTing data), and I have used it with a variety of APIs (and for other purposes) over the years. The component seems to be out-of-date at this point, although I still use it for many websites since it works well at what it does:
http://webscripts.softpedia.com/script/Networking-Tools/KHTTP-Component-30862.html
However, at the moment, I am trying to do HTTPS POST requests to one of the PayPal APIs. KHTTP does not seem to be working, because (I am told by PayPal tech support) it is likely the component is making my data urlencoded.
I'm a little confused by that, because I have used it successfully with many other APIs… notable ones too, such as the aforementioned Authorize.Net and UPS Online Tools. I don't know why their requirements for a POST request would be different from PayPal's.
I even setup my own listener, received my own POST, and the data seems to come through fine.
I don't fully understand the urlencoded issue, I thought that is something related to GET requests, not POST.
Using KHTTP, I don't have any option to send the data any other way. I simply assign a bunch of name/value pairs, I have the option to POST or GET, then put in the https URL, and the component does the rest, putting the response into a variable.
So if PayPal tech support is right, then a different component/utility function would be the next thing to try.
So, I need an alternative to KHTTP that will interface correctly with PayPal's API. Does this need to be a DLL that I install on the server? Or is there some other way to do this? It has been a long while since I have researched this kind of thing. All I really need to do is:
1. Assign name/value pairs.
2. POST to PayPal's API.
3. Receive the response back.
Would really appreciate any advice.
Thank you!
I found a Windows server component (DLL) called KHTTP that would send out the requests and put the results into an ASP variable. It worked with HTTP and HTTPS, as well as regular POST and XML data, could pull in the content from any external URL (even if not POSTing data), and I have used it with a variety of APIs (and for other purposes) over the years. The component seems to be out-of-date at this point, although I still use it for many websites since it works well at what it does:
http://webscripts.softpedia.com/script/Networking-Tools/KHTTP-Component-30862.html
However, at the moment, I am trying to do HTTPS POST requests to one of the PayPal APIs. KHTTP does not seem to be working, because (I am told by PayPal tech support) it is likely the component is making my data urlencoded.
I'm a little confused by that, because I have used it successfully with many other APIs… notable ones too, such as the aforementioned Authorize.Net and UPS Online Tools. I don't know why their requirements for a POST request would be different from PayPal's.
I even setup my own listener, received my own POST, and the data seems to come through fine.
I don't fully understand the urlencoded issue, I thought that is something related to GET requests, not POST.
Using KHTTP, I don't have any option to send the data any other way. I simply assign a bunch of name/value pairs, I have the option to POST or GET, then put in the https URL, and the component does the rest, putting the response into a variable.
So if PayPal tech support is right, then a different component/utility function would be the next thing to try.
So, I need an alternative to KHTTP that will interface correctly with PayPal's API. Does this need to be a DLL that I install on the server? Or is there some other way to do this? It has been a long while since I have researched this kind of thing. All I really need to do is:
1. Assign name/value pairs.
2. POST to PayPal's API.
3. Receive the response back.
Would really appreciate any advice.
Thank you!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Scott Fell
Here is another similar answer https://www.experts-exchange.com/questions/28374549/Programatically-POST-data-securly.html?anchorAnswerId=39887728#a39887728
Looking at paypal you can see their soap header https://developer.paypal.com/docs/classic/api/PayPalSOAPAPIArchitecture/
Where you see items like
<Username>api_username</Us
that could be
<SOAP-ENV:Header>
<RequesterCredentials xmlns="urn:ebay:api:PayPalAPI" xsi:type="ebl:CustomSecurityHeaderType">
<Credentials xmlns="urn:ebay:apis:eBLBaseComponents" xsi:type="ebl:UserIdPasswordType">
<Username>api_username</Username>
<Password>api_password</Password>
<Signature>api_signature</Signature>
<Subject>authorizing_account_emailaddress</Subject>
</Credentials>
</RequesterCredentials>
</SOAP-ENV:Header>Where you see items like
<Username>api_username</Us
that could be
<%
theXML="<Username>hard_coded_username</Username>"
' or
my_user_name="abc123"
theXML="<Username>"&my_user_name&"</Username>"
%>ASKER
You appear to be using XML in all of these cases. Isn't that different than regular POST "name value pairs"? In fact, the DLL I was using (KHTTP) had a switch that I had to use, to tell it I was posting XML data rather than "regular" data (which I assume is the same as what an HTML form would send, as opposed to XML)?
I'm not sure how to format non-XML data, if that is in fact what PayPal wants. That other answer you pasted above looks kind of promising too, so I will check that out.
Or maybe I am overcomplicating this, and its basically the same thing?
Thanks!
I'm not sure how to format non-XML data, if that is in fact what PayPal wants. That other answer you pasted above looks kind of promising too, so I will check that out.
Or maybe I am overcomplicating this, and its basically the same thing?
Thanks!
The api from paypal I looked up requires SOAP.
For a direct post http://support.microsoft.com/kb/290591
For a direct post http://support.microsoft.com/kb/290591
<%
DataToSend = "id=1"
dim xmlhttp
set xmlhttp = server.Createobject("MSXML2.ServerXMLHTTP")
xmlhttp.Open "POST","http://somesite.com/Receiver.asp",false
xmlhttp.setRequestHeader "Content-Type", "application/x-www-form-urlencoded"
xmlhttp.send DataToSend
Response.ContentType = "text/xml"
Response.Write xmlhttp.responsexml.xml
Set xmlhttp = nothing
%>
That's an interesting comment from the Paypal tech. I'm using the Express Checkout API and everything that is posted is (and must be) urlencoded. That is standard practice throughout the web. Some simple values without any punctuation or special characters can be sent without urlencoding but everything else needs it. I'm sure that if you looked at the data that Scott's code is sending you would see that it is definitely urlencoded.
Your link for KHTTP is no longer valid, it redirects to some other web site.
ChillKat has this but you don't need it. http://www.chilkatsoft.com/HttpActiveX.asp
But I can't check KHTTP for this question if I can't download it.
ASKER
I am using this for Payflow Gateway. Does that tell you anything, regarding SOAP and so forth?
Since the question here was about how to do an httppost, I think we have shown that. To prevent this question from getting off tangent, see if what we have shown makes sense.
As for integrating with paypal, I would suggest reading up and giving it a try. We will need more details on your next question such as which exact api are you using, what code have you tried, what error are you getting.
There is payflow link https://www.paypal.com/webapps/mpp/referral/paypal-payflow-link and payflow pro https://www.paypal.com/webapps/mpp/referral/paypal-payflow-pro which is going to be more like what you used on authorize.net.
Paypal pro has developer info https://developer.paypal.com/docs/classic/products/payflow-pro/ and you will see a list of pdf's. One shows you can use either xml or name value pairs https://www.paypalobjects.com/webstatic/en_US/developer/docs/pdf/pp_payflowpro_guide.pdf
As for integrating with paypal, I would suggest reading up and giving it a try. We will need more details on your next question such as which exact api are you using, what code have you tried, what error are you getting.
There is payflow link https://www.paypal.com/webapps/mpp/referral/paypal-payflow-link and payflow pro https://www.paypal.com/webapps/mpp/referral/paypal-payflow-pro which is going to be more like what you used on authorize.net.
Paypal pro has developer info https://developer.paypal.com/docs/classic/products/payflow-pro/ and you will see a list of pdf's. One shows you can use either xml or name value pairs https://www.paypalobjects.com/webstatic/en_US/developer/docs/pdf/pp_payflowpro_guide.pdf
TRXTYPE=S&TENDER=C&USER=SuperMerchant&PWD=SuperUserPassword&PARTNER=PayPal&
ACCT=5105105105105100&EXPDATE=1209&AMT=99.06&COMMENT1=Reservation&FIRSTNAME
=John&LASTNAME=Jones&STREET=123 Main St.&CITY=San
Jose&STATE=CA&ZIP=123451234&BILLTOCOUNTRY=US&CVV2=123&CUSTIP=0.0.0.0 ASKER
Thank you so much, I will be checking into all of this later today.
ASKER
In order to verify that I am sending the data correctly, I am trying to setup a listener to bounce back what it is receiving. Before I started messing around with XML, I was using regular FORM-style post data, and I wrote this simple ASP script:
for each item in request.form
response.write(item & "=" & request.form(item) & chr(13) & chr(10))
next
How can I do something similar for my XML data so I can know for sure what I am sending?
for each item in request.form
response.write(item & "=" & request.form(item) & chr(13) & chr(10))
next
How can I do something similar for my XML data so I can know for sure what I am sending?
ASKER
Sorry for the long delay, I was able to get this to work using the sample code provided above. Thank you!