hc-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Charles Johnson" ...@proteanit.net>
Subject Re: Horseplay - https
Date Mon, 12 Jan 2004 12:09:57 GMT
Thanks Roland - that's a great start!

CJ
----- Original Message -----
From: "Roland Weber" <ROLWEBER@de.ibm.com>
To: "Commons HttpClient Project" <commons-httpclient-dev@jakarta.apache.org>
Sent: Monday, January 12, 2004 9:16 AM
Subject: Re: Horseplay - https


> Hello Charles,
>
> you suspect correctly, the login form comes from
> https://reg.racingpost.co.uk/cde/login_iframe.sd
> as you can easily verify by accessing that URL directly
> in your browser. From there, the login form is sent as
> a POST request to reg.racingpost.co.uk
>
> HttpClient can deal with the requests that need to be
> sent to the server. Unfortunately, there is plenty of
> JavaScript in www.racingpost.co.uk, and HttpClient
> won't help you with that. Also, the interaction between
> www.racingpost.co.uk and reg.racingpost.co.uk needs
> further analysis.
> In the easiest case, reg.racingpost.co.uk sets a cookie
> for .racingpost.co.uk as the result of the successful
> login. Then, you can use HttpClient without a problem.
>
> I suggest you try and send the equivalent of the POST
> request that is generated in the login IFrame and see
> what comes back. If you have problems with SSL
> support, you can refer to the SSL guide at
> http://jakarta.apache.org/commons/httpclient/sslguide.html
> and to the mailing list archives.
>
> cheers,
>   Roland
>
>
>
>
>
>
>
> "Charles Johnson" <cj@proteanit.net>
> 11.01.2004 21:44
> Please respond to "Commons HttpClient Project"
>
>         To:     "Commons HttpClient Project"
> <commons-httpclient-dev@jakarta.apache.org>
>         cc:
>         Subject:        Horseplay - https
>
>
> My objective is to log in to this site using httpclient:
>
> http://www.racingpost.co.uk/horses
>
> The first problem is that I can't see the connection between the following
> request (gleaned from my browser + proxy) and the login form you see at
> the
> top of the page. Evidently this GET request (why no POST?) has an
> encrypted
> parameter string. Where has it come from? Where has the parameter name
> come
> from? Is it anything to do with this, which is in the page?:
>
> <IFRAME SRC="https://reg.racingpost.co.uk/cde/login_iframe.sd" etc.
>
> Can httpclient cope?
>
>
> Here's the request:
>
> 2. Then log in using the button at the top:
> ------------------------------------------
> REQUEST
> -------
> GET
> /horses/?MIval=rp_reg_init&TMP_CK_CK=%7Fv%7Dw5u%2F2%23%24%22VML%5BCUGBJY
> HTTP/1.1
> Host: www.racingpost.co.uk
> User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-GB; rv:0.9.4)
> Gecko/20011128 Netscape6/6.2.1
> Accept: text/xml, application/xml, application/xhtml+xml, text/html;q=0.9,
> image/png, image/jpeg, image/gif;q=0.2, text/plain;q=0.8, text/css,
> */*;q=0.1
> Accept-Language: en-gb
> Accept-Encoding: gzip, deflate, compress;q=0.9
> Accept-Charset: utf-8, *
> Keep-Alive: 300
> Cookie: session.ID=IDa200fff6130d72; PermRpLogin=httpclient
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> commons-httpclient-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail:
> commons-httpclient-dev-help@jakarta.apache.org
>
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: commons-httpclient-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-httpclient-dev-help@jakarta.apache.org


Mime
View raw message