cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: Access is denied due to an ACL set Dan Fandrich (2007-06-29)

From: Guirong Wang <guirong2004_at_yahoo.com>
Date: Fri, 29 Jun 2007 13:02:04 -0700 (PDT)

  
  Thank you very much for your reply.
>Have you compared what curl sends with what you get from LiveHTTPHeaders?
>Obviously, something is missing. --trace-ascii should show you what.
   
  The following lists part of the LiveHTTPHeaders and part of the trace file from
  Curl
   
  ***************************************************************************************************
  In LiveHTTPHeaders,
   
  …
  Content-Disposition: form-data; name="transaction"
   
  fileuploadnowiz
  -----------------------------20452572828792
  Content-Disposition: form-data; name="cookie"
   
  siLockLongTermInstID=6688; ASP.NET_SessionId=flflai45fsnmncjf42wpfd55; DMZCookieTest=342156
  -----------------------------20452572828792
  Content-Disposition: form-data; name="server"
   
  www.somesite.net
  -----------------------------20452572828792
  Content-Disposition: form-data; name="url"
   
  /home/humanresource.aspx
  -----------------------------20452572828792
  Content-Disposition: form-data; name="instid"
   
  9466
  -----------------------------20452572828792
  Content-Disposition: form-data; name="customwizlogonenabled"
   
  1
  -----------------------------20452572828792
  Content-Disposition: form-data; name="customwiznameupload"
   
  INSUISFT Upload Wizard
  -----------------------------20452572828792
  Content-Disposition: form-data; name="Arg12"
   
  home
  -----------------------------20452572828792
  Content-Disposition: form-data; name="Arg06"
   
  559187
  -----------------------------20452572828792
  Content-Disposition: form-data; name="Arg01"
   
  648976
  -----------------------------20452572828792
  Content-Disposition: form-data; name="Arg02"; filename="test1.txt"
  Content-Type: text/plain
   
  This is just a test file for uploading.
   
   
   
  -----------------------------20452572828792
  Content-Disposition: form-data; name="Upload This File"
   
  - Upload -
  -----------------------------20452572828792--
  HTTP/1.x 303 See Other
  Connection: close
  Date: Fri, 29 Jun 2007 18:07:45 GMT
  Server: Microsoft-IIS/6.0
  X-Powered-By: ASP.NET
  Location: /home/humanresouce.aspx?Opt10=3338095&Opt11=&Arg01=648976&Arg06=559187&Arg12=home&Upload The File=%2d+Upload+%2d&cookie=siLockLongTermInstID%3d6688%3b+ASP%2eNET%5fSessionId%3dflflai45fsnmncjf42wpfd55%3b+DMZCookieTest%3d342156&customwizlogonenabled=1&customwiznameupload=INSUISFT+Upload+Wizard&instid=6688&server=www%2esomesite%2enet&transaction=fileuploadnowiz&url=%2fhome%2fhumanresouce%2easpx
   
  ****************************************************************************************************
  While with curl –trace-ascii, the trace file contains the following:
   
  …
   
        Content-Disposition: form-data; name="transaction"
  0060:
  0062: fileuploadnowiz&cookie=siLockLongTermInstID%3D9466%3B%20ASP.NET_
  00a2: SessionId%3Dz44gvt45fwujyk4511mkigyz%3B%20DMZCookieTest%3D123456
  00e2: &server=www.somesite.net&url=/home/humanresource.aspx&instid=9466&customw
  0122: izlogonenabled=1&customwiznameupload=INSUISFT+Upload+Wizard&Arg12=home&
  0162: Arg06=559187&Arg01=648976&Arg02=@test1.txt&Upload+The+Fi
  01a2: le=-+Upload+-
   
  <= Recv header, 24 bytes (0x18)
  0000: HTTP/1.1 303 See Other
  <= Recv header, 19 bytes (0x13)
  0000: Connection: close
  <= Recv header, 37 bytes (0x25)
  0000: Date: Fri, 29 Jun 2007 18:25:47 GMT
  <= Recv header, 27 bytes (0x1b)
  0000: Server: Microsoft-IIS/6.0
  <= Recv header, 23 bytes (0x17)
  0000: X-Powered-By: ASP.NET
  <= Recv header, 504 bytes (0x1f8)
  0000: Location: ?Opt10=0&Opt11=An error occurred as a result of an invalid
  0040: or negative response.&transaction=fileuploadnowiz%26cookie%
  0080: 3dsiLockLongTermInstID%3d6688%3b+ASP%2eNET%5fSessionId%3dz44gvt4
  00c0: 5fwujyk4511mkigyz%3b+DMZCookieTest%3d342156%26server%3dwww%2ebci
  0100: daho%2enet%26url%3d%2fhome%2fhumanresouce%2easpx%26instid%3d6688%26cust
  0140: omwizlogonenabled%3d1%26customwiznameupload%3dINSUISFT+Upload+Wizard%26
  0180: Arg12%3dhome%26Arg06%3d559187%26Arg01%3d648976%26Arg02%3d%40test
  01c0: 1%2etxt%26Upload+The+File%3d%2d+Upload+%2d
   
  ***************************************************************************************************
  When compare the LiveHTTPHeaders with the trace file, I found the following
  differences:
   
  First, in the LiveHTTPHeaders, each form field is listed as a variable and followed by its value, but in the trace file, only “transaction” is listed as a variable, all the others and the corresponding values are listed as the value of “transaction”. When I do the curl, I used curl –F “transaction=fileuploadnowiz&cookie=siLockLongTermInstID%3d6688%3B%20ASP.NET_Session%3D…..” URL
   
   
   
  Second, in the LiveHTTPHeaders, in the location address, there is 7-digit value for Opt10 and nothing for Opt11, while in the trace file, the value for Opt10 is 0 and the value for Opt11 is “An error occurred….”. For the value of Opt10 in LiveHTTpHeaders, I don’t know where it comes from, but this value changes whenever I relog in. It might be created by JavaScript. I notice there are some JavaScript code in the source file. If this is the case, does this mean I have no way to continue to the correct redirection page?
   
  Third, in the location address of LiveHTTPHeaders, there is “=” between each pair of variable and value, while in the location address of the trace file, there is url encoded code for “=” between each pair of variable and value except the first three pairs. This might be caused by First difference as above, but does this matter?
   
  Fourth, in the LiveHTTPHeaders, the location begins with /home/humanresouce.aspx?Opt10=…… while in the trace file the location begins with ?Opt10=……
   
   
>Sounds like you need the --user and --anyauth options to provide user
credentials to the site.
  I also tried –u user:password and –-anyauth, but neither helps.
   
  Thanks again.

 
---------------------------------
Food fight? Enjoy some healthy debate
in the Yahoo! Answers Food & Drink Q&A.
Received on 2007-06-29