Getting data from a secure web page
sarah.reichelt at gmail.com
Wed Feb 3 19:40:43 EST 2010
OK, I think I'm going round in every decreasing circles.... but I
thought I would describe the steps I am taking, in case anyone else
found it useful.
Using Firefox and Firebug to check what is going on, I see the following:
I connect to <https://memberservices.optuszoo.com.au/login/?target=/myusage/>.
I enter my details and these get POST'ed.
The result is a 302 that redirects to
<https://memberservices.optuszoo.com.au/myusage/>, using GET with no
This page has the data that I need.
As far as I can see, there are no authentication headers, although
there is response header: "Set-Cookie:global_auth=....".
But checking the request headers for the second page (after the 302),
I see that there was a header:
Not surprisingly, the global_auth section of the Cookie matches
global_auth section of the Set-Cookie response from the original page.
The JSESSIONID seems to be generated by the browser as part of the
Setting the httpHeaders to this and using
get URL "https://memberservices.optuszoo.com.au/myusage/"
with no user name & password supplied, did give me the data I
needed.... sometimes :-(
Both the JSESSIONID and the global_auth vary on repeated tests,
although I can see my user name embedded in the global_auth, as well
as a consistent set of numbers that is presumably my password
I have found that sometimes I get a JSESSIONID returned as part of the
libURLLastRHHeaders() from the login page, and sometimes I get the
global_auth. But I haven't been able to predict what I will get. If I
don't get the global_auth, then even using a previous JSESSIONID &
global_auth does not seem to work.
Trevor, I downloaded your framework and got the modified libURL, but
the stack won't open - it says it is corrupt. I wonder is this due to
the multi-dimensional arrays stored as custom properties bug?
I opened the stack in a text editor and copied the scripts into a new
stack and tried using it instead, but not even a basic "get" worked
then, so I can't have done that right.
So a few questions for Trevor:
- is there a version of your libURL that opens in Rev 4.0 or 4.5?
- how do I make it the default instead of the current one?
- how do I set up the callback? I am familiar with using callbacks for
the asynchronous FTP commands but then I create a handler that gets
the callback message and processes it. What do I need to do in this
callback handler to make it follow the redirect?
Jim, I found your earlier thread about this sort of thing, but even
following your advice about headers, I still can't get it to work
Thanks everyone for your patience and helpful suggestions.
More information about the Use-livecode