I am trying to understand a how form submits work. Currently, I am signing on to this site: Work website What I would like to do is use Postman or curl
to sign in.
In the form is see 4 possible keys:
Username
,Password
,ClientID
andRemember
.
Invalid Login
error. Can anyone help me solve this? If it is because of the cookies, is there a way to set this with Postman? Perhaps in the header
keys and values area?
Here is all the inputs of the form:
<form
action="login-process.asp"
method="post"
name="form1"
id="form1" onsubmit="MM_validateForm('ClientID','','R','Username','','R','Password','','R');return document.MM_returnValue">
...
<input
name="ClientID"
type="hidden"
id="ClientID"
value="LVSandsExpoCC">
...
<input
name="Username"
type="text"
id="Username"
value="">
...
<input
name="Password"
type="password"
id="Password">
...
<input
type="submit"
name="Submit"
value="Submit">
The MM_validateForm() (after validates it updates the cookies)
var myDate = new Date();
myDate.setDate(myDate.getDate() + 365);
if (document.getElementById("Remember").checked) {
jaaulde.utils.cookies.set("CelayixRemember", encodeURIComponent(document.getElementById("ClientID").value + "|" + document.getElementById("Username").value), {
secure: true,
expiresAt: myDate
});
} else {
jaaulde.utils.cookies.set("CelayixRemember", "", {
secure: true,
expiresAt: myDate
});
}
setClientPath();
}
I suspect this has to do with the ASPSESSIONIDASBUBTDA
cookie. This is what Chrome sends when I try to login on the page you mentioned: ( image here )
You'll need to retrieve your value using Chrome and use it when making a request with Postman or CURL.
So, a CURL command should look like this:
curl "https://websandsexpo.celayix.com/sandsexpo/login-process.asp"
--data "ClientID=LVSandsExpoCC&Username=<username>&Password=<password>&Submit=Submit"
--cookie "ASPSESSIONIDASBUBTDA=<value>" --cookie-jar ./cjar --compressed -L
-L
in the command above ensures that CURL follows the redirection if it is set in the Location
header. --cookie-jar
saves your cookies in a file so you can reuse them in future requests.
In Postman, I suppose, the cookie should be set as a request header explicitly.
PS I strongly doubt the MM_validateForm()
function is any relevant here, as it only handles the cookie expiration date.
As it turns out for Postman, my problem was this:
I was using Postman
to send form-data
but when viewing the dev tools network
tab I see that the content type is x-www-form-urlencoded
.
In Postman
you have this option to send in the body form-data
as well as x-www-form-urlencoded
. I had form-data selected which is why it did not authenticate.
As far as MM_validateForm()
, I disabled Javascript and was still able to log in. So it seems this was not the reason for my failed login in this case.
as the user makeiteasy
said,
PS I strongly doubt the MM_validateForm() function is any relevant here, as it only handles the cookie expiration date. -
makeiteasy
(Stackoverflow user)
and this is very true.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.