cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: Https problem

From: Daniel Stenberg <Daniel.Stenberg_at_netinsight.se>
Date: Fri, 31 Mar 2000 09:54:06 +0200

Mark Wolfe wrote:

> The reason i am trying to use curl to post to https is I want to use
> curl to allow for a secure transaction gateway. The transaction gateway
> is NT. The reason i am using a htm is for testing purposes only that
> will later become an asp page calling MTS components.

So your .htm file is capable of receiving a POST request? I'm not familiar
with NT web servers, but all the unix ones I've used would give me a return
code if I try to post to a HTML page. What exactly would such a post
accomplish?

The error code from the server also points to the fact that you're using curl
the wrong way, not that curl is misbehaving.

> The reason i want to use curl is because i have no idea how to do the
> same thing as curl in C purpose built for what i need. If you have any
> ideas on a piece of software that could assist me in this as an
> alternative to curl i would also be very appreciative.

I'm not sure what I can do. Do I really write that bad english so that my
message is lost entirely?

What I am trying to say is that curl is capable of doing what you want.
You're doing the classical mistake of blaming the tool for malfunctioning
before you've sorted out how to use it.

So, I asked you what the form looks like that you're trying to "fake" in
order to help you make a proper curl command line so that it would work.

Since you didn't, I'll make a guess about how things look like and how to use
curl to do your post:

1. There is a web page, or at least there is HTML code that your browser
reads and it presents a form for you. It probably has a field to enter user
name, a field for password and possibly a few hidden fields. It could look
something like:

        <form method="post" action="goo.cgi">
        <input type=text name=user value="">
        <input type=password name=password value="">
        <input type=hidden name=id value="blabla123">
        <input type=submit name=submit value="login">
        </form>

(the form is in a page hosted by a https:// server)

2. By using the 'formfind.pl' perl script from the curl web site, you can get
help to extract all the above info.

3. Now, you want to use curl to post that form, easy!

   We fill in user 'daniel' with password 'stenberg' below, do note that if
the original page with the form is https://<whatever>/text.html the place to
post to is mentioned in the <form> tag and in this case it takes us to
https://<whatever>/goo.cgi.

curl -d "user=daniel&password=stenberg&id=blabla123&submit=login"
https://<whatever>/goo.cgi

No, I don't know of any other tool than curl that would do this for you.

--
 Daniel Stenberg, Software Developer
 Daniel.Stenberg_at_haxx.nu, +46-705-443177, www.contactor.se/~dast
Received on 2000-03-31