curl-and-php
Re: Help interpreting headers
Date: Mon, 03 Dec 2007 11:54:53 -0800
Hi David,
First:
The "targetURL=..." line is not something added to the header, it is the
post data. The ampersands (&) separate the key=value pairs. If the value
is the empty string, such as is the case for targetURL, the = character
will be next to the & character. POST data and GET data are both encoded
in the same way. Multipart/form-data is a little different, but that's
not what you're trying to do.
To pass post data to the server, add something like the following to
your code, assuming $ch is an initialized curl handle:
$postFields =
"targetURL=&frmLoginUser=354611&frmLoginPass=notthepass&x=31&y=2";
curl_setopt($ch, CURLOPT_POSTFIELDS, $postFields);
This will set the type of request to POST and the "Content-Type" header
to "application/x-www-form-urlencoded".
Second:
The x and y values are the x and y coordinates of where you clicked on
the submit button, which I suspect is an image button. They're probably
ignored by the server. If they aren't ignored, you can just set them
both to 5 or something so that the server has some kind of value.
Third:
It looks like Firefox is treating the 302 response like a redirect by
automatically grabbing the page from the new location. You could get
around this step by requesting the new location the first time:
private/index.asp. The other requests after that are for page elements
referenced by private/index.asp. You probably don't need to grab these
files with curl unless they actually have content you want to process,
in which case you would have to explicitly grab them using curl.
Let us know how it turns out,
Morgan Galpin
David Colter wrote:
> Can anyone please help me with the following header info and 3 questions regarding them? Any assistance would be greatly appreciated.
>
> First, in the initial header sent, the last entry is Content-Length: 61 (with on the next line)
> targetURL=&frmLoginUser=354611&frmLoginPass=notthepass&x=37&y=10. My thought is to send it as an additional string in the header along with the Cookie: ASPSESSIONID....
> How do I code this when the LiveHTTPheaders Generator seems to be showing it as a query string? (also included below)
>
> Second, any ideas on what the 'x' and 'y' are at the end of that targetURL line? These values come out different each time I submit the form and view the header. I'm stumped as to where it comes from. A form analyzer shows the value of '0'.
>
> Third, the POST to the ps_login.asp page returns a code 302, 3 .asp pages and 12 image files in a corresponding number of headers. In what manner do I need to handle these? Are these redirects?
>
> Sample from LiveHTTPheaders. First 2 of the header blocks refered to above
>
> https://www.aapilots.com/ps_login.asp
>
> POST /ps_login.asp HTTP/1.1
> Host: www.aapilots.com
> User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.12) Gecko/20070508 Firefox/1.5.0.12
> Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
> Accept-Language: en-us,en;q=0.5
> Accept-Encoding: gzip,deflate
> Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
> Keep-Alive: 300
> Connection: keep-alive
> Referer: https://www.aapilots.com/public/flash/login.asp
> Cookie: ASPSESSIONIDCABSBRDD=DNGHOGGAFNOPEADKCICOLHEE
> Content-Type: application/x-www-form-urlencoded
> Content-Length: 61
> targetURL=&frmLoginUser=354611&frmLoginPass=notthepass&x=31&y=2
>
> HTTP/1.x 302 Object moved
> Date: Sat, 01 Dec 2007 23:10:35 GMT
> Server: Microsoft-IIS/6.0
> X-Powered-By: ASP.NET
> Location: private/index.asp
> Content-Length: 138
> Content-Type: text/html
> Set-Cookie: AXCOOKIELOGIN=%3C354611%3EXBTV%2EEgEyK9JEhYJ3ZX98%2F; path=/
> Cache-Control: private
>
> https://www.aapilots.com/private/index.asp
>
> GET /private/index.asp HTTP/1.1
> Host: www.aapilots.com
> User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.12) Gecko/20070508 Firefox/1.5.0.12
> Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
> Accept-Language: en-us,en;q=0.5
> Accept-Encoding: gzip,deflate
> Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
> Keep-Alive: 300
> Connection: keep-alive
> Referer: https://www.aapilots.com/public/flash/login.asp
> Cookie: ASPSESSIONIDCABSBRDD=DNGHOGGAFNOPEADKCICOLHEE; AXCOOKIELOGIN=%3C354611%3EXBTV%2EEgEyK9JEhYJ3ZX98%2F
>
> HTTP/1.x 200 OK
> Date: Sat, 01 Dec 2007 23:10:35 GMT
> Server: Microsoft-IIS/6.0
> X-Powered-By: ASP.NET
> Cache-Control: private, private, private, private, private, no-cache
> Expires: 0, 0, 0, 0, Fri, 30 Nov 2007 23:10:34 GMT
> Pragma: no-cache
> Content-Length: 748
> Content-Type: text/html
>
> And a portion of the output of the LiveHTTPheader Generator page
>
> #request# POST https://www.aapilots.com/ps_login.asp
> POST /ps_login.asp targetURL=&frmLoginUser=354611&frmLoginPass=notthepass&x=31&y=2
> #request# GET https://www.aapilots.com/private/index.asp
> #request# GET https://www.aapilots.com/private/nav.asp
> #request# GET https://www.aapilots.com/private/private_home.asp
> GET /private/nav.asp
> #request# GET https://www.aapilots.com/private/hierArrays.js
> GET /private/hierArrays.js
> #request# GET https://www.aapilots.com/private/hierMenus.js
> GET /private/hierMenus.js
> #request# GET https://www.aapilots.com/images/nav_header.gif .....
>
> Thanks in advance,
> David
>
>
>
>
> ____________________________________________________________________________________
> Never miss a thing. Make Yahoo your home page.
> http://www.yahoo.com/r/hs
>
> _______________________________________________
> http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-and-php
>
_______________________________________________
http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-and-php
Received on 2007-12-03