hc-httpclient-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ggcampbell <g...@comcast.net>
Subject Re: https and aspx
Date Sat, 10 Nov 2007 17:54:15 GMT

After figuring out about the single header my self I found your reference to
http.protocol.single-cookie-header
But I found some weird sites that accept only single header cookies but send
multi
header cookies.  By turning on http.protocol.single-cookie-header the
response headers
were missinterpreted skipping the second and later cookies.

The biggest problem with the ASPX sites was the need for

httpclient.getParams().setParameter("http.protocol.expect-continue",true);
Would it make any difference to make this the default behavior of
HttpClient?

Having looked at a number of sites, it is amazing the random combination of
<form>
Javascript and cookies implemented for login.
There was even one cookie with and .getTime() which seems to be interpreted
by 
the browser as a number which is updated every second.
  
Certainly few sites used the Keep It Simple Stupid style.
 


olegk wrote:
> 
> 
> On Thu, 2007-11-08 at 12:51 -0800, ggcampbell wrote:
>> I have been trying to login into a variety of ASPX sites.
>> I am able to establish the https connections because I can retrieve the
>> login page from https.
>> But the form submission does not seem to work.  The sites do not respond
>> with the page after
>> login.
>> I can log into the site with firefox or IE.
>> 
> 
> Same here. Capture HTTP requests generated by the browser using a
> traffic analyzer or a proxy, customize HttpClient to generate identical
> (compatible) requests.
> 
>> Strangely, if I retreive the cookies for firefox or IE and the send them
>> to
>> the web address
>> I get back the page as if httpclient had logged in.
>> 
>> I wonder if the form encoding is sending the proper format.
>> 
>> On a separate issue I found that the cookies needed to be encode like: 
>>     Cookie: a=b; c=d; e=f
>> but 
>>     Cookie: a=b
>>     Cookie: c=d
>> Failed
>> 
>> Any ideas? 
> 
> Use 'http.protocol.single-cookie-header' parameter to force all cookies
> into one request header.
> 
> http://jakarta.apache.org/httpcomponents/httpclient-3.x/cookies.html
> 
> Hope this helps
> 
> Oleg
> 
> 
>>   I wonder if someone knows an aspx site which would just bounce
>> back the 
>> form submission elements from an https POST.
>> 
>> Thanks
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: httpclient-user-help@jakarta.apache.org
> 
> 
> 

-- 
View this message in context: http://www.nabble.com/https-and-aspx-tf4773539.html#a13684258
Sent from the HttpClient-User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: httpclient-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: httpclient-user-help@jakarta.apache.org


Mime
View raw message