hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From JYu...@aol.com
Subject Re: Problem posting login information to a website
Date Sat, 04 Feb 2006 15:55:06 GMT
In a message dated 1/31/2006 10:55:29 P.M. Roland wrote
>You can *not* get the target URL of a form POST by copying and pasting  the
>URL from a browser. You get the URL of the form POST by looking at  the HTML
>source code of the page that provides the form. There, you  search for a tag

><form method="POST"  target="*this*is*the*URL*to*POST*to">
also, in agreement with Roland, Chris Merrill wrote:
>As Roland pointed out, you should not get the URL for a POST this way  - the
>correct URL may never appear in the URL field of the  browser.

>There are several HTTP analyzers that can get you the  information you need.
>On IE, you can try plugins from httpwatch.com,  ieinspector.com or 
>For a standalone tool compatible with  other browsers, you can try our free
>Analyzer product:

>  http://webperformanceinc.com/analyzer/

Thanks to both of you for your advice.  I was finally successful in  getting 
the POST to work properly on this particular site.  In the spirit  of sharing 
solutions as well as problems, let me tell you how I solved the  problem and 
how each of you helped.
The basic solution: On this particular web site, when you go from a page A  
to a page B, you use the URL of page B in the PostMethod  constructor and add 
the URL of page A to the "Referer" field of the  Request Header. 
While, in general, you cannot get the URL for a POST by copying and  pasting 
a page's URL from the navigation bar, in this instance, I  could have done 
just that, if only I knew which page's URL to copy and  paste!  I found out the 
appropriate URL by downloading a free  copy of the Web Performance Analyzer and 
using it with an IE browser  to browse the web site in question.  I ran into 
one snag, however.   When I tried to navigate from the logon screen to the 
screen showing my  account balance,  the Analyzer told me it could not perform 
some  additional functions without my downloading a free, 14-day demo  license 
from the Web Performance web site.  I did this and found that the  URL I needed 
for the POST command was simply the URL of the page displaying my  account 
balance and that the "Referer" header I had to include with my  request was just 
the URL of the Login page. the final Java code snippet is  as follows:
urlA = URL of Login page
urlB = URL of page showing account balance
public PostMethod PostIt() {
PostMethod pmethod = new  PostMethod(urlB);
NameValuePair[] data =  {
new NameValuePair("VTI-GROUP",  "0"), //Hidden Field
new NameValuePair("partId","tuvwxyz"),  //User I.D.
new  NameValuePair("password","abcde"), //Password
new  NameValuePair("acrover", ""), //Hidden  Field
new  NameValuePair("fileDigit", "W") /Hidden  Field         
return  pmethod;
I have never come across a site that requires the page you go to, to check  
the URL of the page you came from, but I suppose there is a first time for  
everything.  It seems to be a kind of security constraint meant  to channel site 
visitors through certain pages to get to  others.   This works for browser 
users, but  the addRequestHeader("Referer", urlA) in Java HttpClient allows you 
to  go directly to the page you want, carrying along the URL of the 
"preceeding"  page.
I found the Web Performance Analyzer to be very useful, but the price for a  
permanent license looks a bit steep to me.  Any chance of a deal?  (:-))

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message