curl-users
Re: Problem connecting to password protected page
Date: Wed, 26 Nov 2003 00:35:38 -0600
I tried pulling this page:
and got back a cookie in the headers:
Set-Cookie: :xCOOKIEx:=OTk5ODgxMTEw; expires=Saturday, 27-Dec-2003 09:14:09 GMT; path=/; domain=.premiereinteractive.com;
The form also contains a couple of hidden fields that you didn't send back:
input type="hidden" name="iGate" value="OTk5ODgxMTEwJmlTZXNpZD00NzY4NjE2MA=="
input type="hidden" name="iType" value="MAIN"
So, your curl command could look something like this:
curl -s -S -L -b cookiefile -c cookiefile \
-d "iUserName=mylogin" \
-d "iPassword=mypassword" \
-d "submit=Submit" \
-d "iGate=OTk5ODgxMTEwJmlTZXNpZD00NzY4NjE2MA==" \
-d "iType=MAIN" \
https://members.premiereinteractive.com/pcd/eGateChk
You may need to url-encode the iGate value, as it contains "==", which
would equate to "%3d%3d".
It's possible that premierinteractive.com is objecting to your "browser"
user-agent string. you can fake that too, by adding "-A Mozilla/4.0" to
the above command. It wouldn't hurt to add in the referrer, but I've
yet to come across a site that needed it, and I'm running around 1000
tests against several hundred servers...
Ralph Mitchell
Mayuresh Kadu wrote:
>Maybe what u need is a valid "REFERER". Refer to Point 7.0 on
>http://curl.haxx.se/docs/httpscripting.html. It says
>
>"A HTTP request may include a 'referer' field, which can be used to tell
>from which URL the client got to this particular resource. Some
>programs/scripts check the referer field of requests to verify that this
>wasn't arriving from an external site or an unknown page. While this is a
>stupid way to check something so easily forged, many scripts still do it.
>Using curl, you can put anything you want in the referer-field and thus more
>easily be able to fool the server into serving your request."
>
>Use curl to set the referer field with:
>
>curl -e http://curl.haxx.se daniel.haxx.se
>
>Hope this helps ..
>
>
>- Mayuresh
>
>
>-----Original Message-----
>From: curl-users-admin_at_lists.sourceforge.net
>[mailto:curl-users-admin_at_lists.sourceforge.net]On Behalf Of Gary Danko
>Sent: Wednesday, November 26, 2003 12:29 AM
>To: curl-users_at_lists.sourceforge.net
>Subject: Re: Problem connecting to password protected page
>
>
>Okay I am getting somewhere. I can authenticate but I am getting an
>error... Still plodding along but I thought I'd post it anyway. :)
>
>[baracus:~] gdanko% curl -v -e
>"http://www.premiereinteractive.com/cgi-bin/members.cgi?stream=shows/PHILHEN
>DREAL20031121&site=philhend&type=real_show"
>-d "iUserName=mylogin&iPassword=mypassword&submit=Submit"
>https://members.premiereinteractive.com/pcd/eGateChk
>* About to connect() to members.premiereinteractive.com:443
>* Connected to authstream.premiereinteractive.com (65.83.107.249) port 443
>* SSL connection using DES-CBC3-SHA
>* Server certificate:
>* subject: /C=US/ST=California/L=Sherman Oaks/O=Premiere Radio
>Networks/OU=Premiere Interactive/CN=members.premiereinteractive.com
>* start date: 2002-09-16 00:00:00 GMT
>* expire date: 2004-10-07 23:59:59 GMT
>* common name: members.premiereinteractive.com (matched)
>* issuer: /C=US/O=RSA Data Security, Inc./OU=Secure Server
>Certification Authority
> > POST /pcd/eGateChk HTTP/1.1
>User-Agent: curl/7.10.2 (powerpc-apple-darwin7.0) libcurl/7.10.2
>OpenSSL/0.9.7b zlib/1.1.4
>Host: members.premiereinteractive.com
>Pragma: no-cache
>Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
>Referer:
>http://www.premiereinteractive.com/cgi-bin/members.cgi?stream=shows/PHILHEND
>REAL20031121&site=philhend&type=real_show
>Content-Length: 55
>Content-Type: application/x-www-form-urlencoded
>
>iUserName=mylogin&iPassword=mypassword&submit=Submit<HTML>
><BODY>
><CENTER>
><BR>
><BR>
><font size=4>
>Sorry, the following error has occurred:
><BR>
><p>Our subscription application expects to be called via a link from a
>publisher's web site.<br>It also expects to be provided with a valid
>magazine identifier.<br>It will not run correctly otherwise.<br>
><BR>
>We are unable to continue processing your request at this time.
><BR>
>The site Webmaster has been notified.
><BR>
>Please try again later.</font>
></CENTER>
></BODY>
></HTML>
>* Connection #0 left intact
>* Closing connection #0
>
>
>Daniel Stenberg wrote:
>
>
>
>>On Tue, 25 Nov 2003, Gary Danko wrote:
>>
>>
>>
>>
>>>I still have to authenticate though.. that is the problem.
>>>
>>>Remember I go from the first URL (audioarchives) to
>>>members.premiereinteractive.com where I have to authenticate with an HTML
>>>form. I then go back to audioarchives. It loops me around and I do not
>>>
>>>
>know
>
>
>>>how to handle the form-based authentication and the looping back to my
>>>starting point.
>>>
>>>
>>I would recommend you to get a grip of the basics by reading The Art Of
>>Scripting HTTP Requests Using Curl:
>>
>> http://curl.haxx.se/docs/httpscripting.html
>>
>>
>>
>
>
>
>-------------------------------------------------------
>This SF.net email is sponsored by: SF.net Giveback Program.
>Does SourceForge.net help you be more productive? Does it
>help you create better code? SHARE THE LOVE, and help us help
>YOU! Click Here: http://sourceforge.net/donate/
>
>
>
>-------------------------------------------------------
>This SF.net email is sponsored by: SF.net Giveback Program.
>Does SourceForge.net help you be more productive? Does it
>help you create better code? SHARE THE LOVE, and help us help
>YOU! Click Here: http://sourceforge.net/donate/
>
>
-------------------------------------------------------
This SF.net email is sponsored by: SF.net Giveback Program.
Does SourceForge.net help you be more productive? Does it
help you create better code? SHARE THE LOVE, and help us help
YOU! Click Here: http://sourceforge.net/donate/
Received on 2003-11-26