Jump to content

How to send request on secured website

Recommended Posts


How to send Requests on https Website

I tried using


But m not Receiving Any response

m able to retrive https://google.com but same is not available on other site( https://gst.gov.in )

kindly help me

Share this post

Link to post
Share on other sites
16 minutes ago, Danp2 said:

You didn't show us your code, which limits the amount of help we can provide. I suggest that you take a look at this thread


I Would Have Loved To Share My Code But It includes Cookies which i guess shouldnt be shared online for privacy issue.

Above Thread u shared is only for http requests .I need something for winhttps requests

could it be possible if i can share stuff on pm because it requires sharing cookie details which lasts only for 15 minutes duration so posting here is in vain


Share this post

Link to post
Share on other sites
On 8/1/2017 at 5:53 PM, Danp2 said:

Post your code without the actual cookie. Perhaps someone will then be able to give you some suggestions.

Also, I'm pretty sure that the function from @trancexx can do what you need.

True Bro Udf is capable of doing it .

its problem with website

It doesnt send issuer certificate so secured connection is not being done

on other side website doesnt accept unsecured connections

so m getting error

i tried on other websites and it works like charm

thanks buddy


can u help me figure out how to use issuer certificate stored in my pc to use it while using this function

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Similar Content

    • Ascer
      By Ascer
      Opertation Sys: Win7 x64
      Problem: Connecting to webs using TLS 1.1 +
      Description: WinHttp.WinHttpRequest.5.1 using TLS 1.0 by default, i need higher version to connect into some webs.
      Dim $oHttp = ObjCreate("WinHTTP.WinHTTPRequest.5.1") $oHttp.open ("GET", "https://howsmyssl.com/a/check", False) $oHttp.Option(9) = 128 ; 128 - TLS 1.0, 512 - TLS 1.1, 2048 - TLS 1.2, 2056 - TLS 1.1 & TLS 1.2 $oHttp.Send ConsoleWrite($oHttp.responseText & @CRLF) ; at end of the respond you can check your TLS version. Mine is: {"tls_version":"TLS 1.0","rating":"Bad"} Error: $oHttp.Option works only with parameter 128 (TLS 1.0) other values make error {Bad parameter}
      Additional: I've done this tutorial about enabling TLS in registry: <link>
      Thanks for support.
    • islandspapand
      By islandspapand
      Hi All
      i am currently trying to add a function to my project that can send SMS, i have gone with Twilio for the sms service that use a REST API.
      I have never worked with an API before, and could use some help.
      I can get my function working with using cURL.exe and copy past command from the website with the following code. And thats great unfortunately i am have issue with character like æøå when sending a SMS appears like a box or ?. this does not happen if i do it from the website so it looks like a Unicode issue in curl.exe.
      I have done some searching on the forum and understand that i should be able to implement this curl command with the WinHTTP UDF from @trancexx so i don't need a third part exe and it might fix my charater issue.
      Unfortunately i really don't understand how i am to change curl commands to the WinHTTP and i was hoping some good maybe give me an example i could learn from.
      Thanks in advanced
      i have removed the AuthToken number from the script.
      _SendSMS("00000000","SomeOne","SMS body info") Func _SendSMS($SendTo,$SendFrom,$Msgtxt) $AccountSID = "ACbb765b3180d5938229eff8b8f63ed1bc" $AuthToken = "Auth Token number" $Data = '"https://api.twilio.com/2010-04-01/Accounts/'&$AccountSID&'/Messages.json"'& _ '-X POST \ --data-urlencode "To=+45'&$SendTo&'" \ --data-urlencode "From='&$SendFrom&'" \ --data-urlencode "Body='&$Msgtxt&'" \ -u '&$AccountSID&':'&$AuthToken&'' ShellExecute(@ScriptDir&"\curl.exe","-k "&$Data) ;~ curl 'https://api.twilio.com/2010-04-01/Accounts/ACbb765b3180d5938229eff8b8f63ed1bc/Messages.json' -X POST \ ;~ --data-urlencode 'To=+4500000000' \ ;~ --data-urlencode 'From=Reception' \ ;~ --data-urlencode 'Body=Test Body' \ ;~ -u ACbb765b3180d5938229eff8b8f63ed1bc:[AuthToken] EndFunc  
    • jesus40
      By jesus40
      Hello friends, i have a working curl command that show informations about my account on binance.com, but_it dont work with autoit code without curl.exe.
      I want to do it without curl, because the whole process much Slower_ with StdoutRead (I want get the response in variable.)
      My Curl command in Autoit:
      This 2 are works, but_ i would like to do it without curl.exe
      $apikey="XYZ" sCommand = @ScriptDir & '\curl.exe -k -H "X-MBX-APIKEY: ' & $apikey & '" -X GET "https://api.binance.com/api/v3/account?' & $request the same in .bat  file
      curl.exe -k -H "X-MBX-APIKEY: XYZ" -X GET "https://api.binance.com/api/v3/account?timestamp=1514917812000&signature=85bdee77e53cd521e1d5229fbfb459d53799c42b3fa4596d73f1520fad5f965a" (I use curl with -k option which allows curl to make insecure connections, because there is problem with the sites certificate, (cURL error 60))
      I tried many variations, this is the latest... I cant get the same response.
      curl $error message (I changed ): {"code":-2015,"msg":"Invalid API-key, IP, or permissions for action."}
      autoit version $error message (Response code:400): Mandatory parameter 'timestamp' was not sent, was empty/null, or malformed.
      $request = $query & '&signature=' & $signature $oHTTP = ObjCreate("winhttp.winhttprequest.5.1") $oHTTP.Open("GET", "https://api.binance.com/api/v3/account", False) $oHTTP.SetRequestHeader("X-MBX-APIKEY", $apikey) $oHTTP.Send($request) $oReceived = $oHTTP.ResponseText $oStatusCode = $oHTTP.Status If $oStatusCode <> 200 then MsgBox(4096, "Response code", $oStatusCode) EndIf  
    • AlwaysLearning
      By AlwaysLearning
      I have been struggling with this for nearly 20 hours, and I just cannot seem to figure out the formatting for the header request.
      To test this, you will need to use this api key I set up for your testing purposes. (note, I sent tracexx a direct message about this as I didn't realize I could limit API restrictions until just now, so I am now hoping on of you may have the answer on hand)
      I need to be able to GET balance and POST orders.
      Right now, I can't get past the 401/403 errors on my own.
      I believe the Content is formatted for JSON, but using the JSON format didn't work for me ( although that may be because I'm an idiot and formatted something wrong).
      I want to get:
      GET balance page POST delete order page Here is a temporary API key + Secret API key with only the "View Balance Page" and "Delete Order" functions enabled:
      Access-key: tq6GeUrEvfxyF-LG
      Secret Access-Key: cZlz75K1wb8-Ed67pRaXvUWTPW6RTH9q

      Here is the site's API guide (I followed this closely and doubt the error is there): https://coincheck.com/documents/exchange/api#libraries
      And here is running source code (needs those keys inputted) which will hash the above keys to the required HMAC SHA256:
      #include <Crypt.au3> #include<WinHttp.au3> Global Const $CALG_SHA_256 = 0x0000800c ;; ===== $api = "/api/accounts/balance" $accessNonCE = _TimeGetStamp() $url = "https://coincheck.com/api/accounts/balance" $body = "" WinHTTP($url, $body) Func WinHTTP($sUrl, $sBody) Local $hOpen = _WinHttpOpen() Local $hConnect = _WinHttpConnect($hOpen, "https://coincheck.com/api/accounts/balance") ; Specify the reguest: ;Local $hRequest = _WinHttpOpenRequest($hConnect, Default, $sApi) $accessKey = "" ;; Add the key from above $secretKey = "" ;; Add the secret key from above $message = $accessNonCE & $sUrl $BinarySignature = HMAC($secretKey, $message) $signature = _Base64Encode($BinarySignature) ;Encode signature Local $hRequest = _WinHttpOpenRequest($hConnect, "GET") _WinHttpAddRequestHeaders($hRequest, 'ACCESS-KEY: '&$accessKey) _WinHttpAddRequestHeaders($hRequest, 'ACCESS-NONCE: '&$accessNonCE) _WinHttpAddRequestHeaders($hRequest, 'ACCESS-SIGNATURE: '&$signature) ; Send request _WinHttpSendRequest($hRequest) ; Wait for the response _WinHttpReceiveResponse($hRequest) Local $sHeader = _WinHttpQueryHeaders($hRequest) ; ...get full header Local $sData = _WinHttpReadData($hRequest) ; Clean _WinHttpCloseHandle($hRequest) _WinHttpCloseHandle($hConnect) _WinHttpCloseHandle($hOpen) ; Display retrieved data MsgBox(0, "Data", $sData) EndFunc Func sha256($message) Return _Crypt_HashData($message, $CALG_SHA_256) EndFunc Func HMAC($key, $message, $hash="sha256") Local $blocksize = 64 Local $a_opad[$blocksize], $a_ipad[$blocksize] Local Const $oconst = 0x5C, $iconst = 0x36 Local $opad = Binary(''), $ipad = Binary('') $key = Binary($key) If BinaryLen($key) > $blocksize Then $key = Call($hash, $key) For $i = 1 To BinaryLen($key) $a_ipad[$i-1] = Number(BinaryMid($key, $i, 1)) $a_opad[$i-1] = Number(BinaryMid($key, $i, 1)) Next For $i = 0 To $blocksize - 1 $a_opad[$i] = BitXOR($a_opad[$i], $oconst) $a_ipad[$i] = BitXOR($a_ipad[$i], $iconst) Next For $i = 0 To $blocksize - 1 $ipad &= Binary('0x' & Hex($a_ipad[$i],2)) $opad &= Binary('0x' & Hex($a_opad[$i],2)) Next Return Call($hash, $opad & Call($hash, $ipad & Binary($message))) EndFunc Func _TimeGetStamp() Local $av_Time $av_Time = DllCall('CrtDll.dll', 'long:cdecl', 'time', 'ptr', 0) If @error Then SetError(99) Return False EndIf Return $av_Time[0] EndFunc Func _Base64Encode($input) $input = Binary($input) Local $struct = DllStructCreate("byte[" & BinaryLen($input) & "]") DllStructSetData($struct, 1, $input) Local $strc = DllStructCreate("int") Local $a_Call = DllCall("Crypt32.dll", "int", "CryptBinaryToString", _ "ptr", DllStructGetPtr($struct), _ "int", DllStructGetSize($struct), _ "int", 1, _ "ptr", 0, _ "ptr", DllStructGetPtr($strc)) If @error Or Not $a_Call[0] Then Return SetError(1, 0, "") ; error calculating the length of the buffer needed EndIf Local $a = DllStructCreate("char[" & DllStructGetData($strc, 1) & "]") $a_Call = DllCall("Crypt32.dll", "int", "CryptBinaryToString", _ "ptr", DllStructGetPtr($struct), _ "int", DllStructGetSize($struct), _ "int", 1, _ "ptr", DllStructGetPtr($a), _ "ptr", DllStructGetPtr($strc)) If @error Or Not $a_Call[0] Then Return SetError(2, 0, ""); error encoding EndIf Return DllStructGetData($a, 1) EndFunc ;==>_Base64Encode
    • wakillon
      By wakillon
      HttpHeaderWatcher v1.0.1.3

      Some time ago, some members asked how to see the Http Requests.
      There are quite a few external applications but not in AutoIt!
      HttpHeaderWatcher in association with WinPcap, very modestly solves this lack.
      Once done this http watcher, i asked me : why not Re-build a WinHttp Request in AutoIt from a selected Request in one Click ?
      So i have added a "Create au3" button who open the WinHttp Request of your choice in AutoIt format in SciTE Editor.
      Voila voila, hope it can help ! 
      Buttons were made online with chimply.com the easy and free buttons generator !
      See Help for more infos.
      previous downloads : 253
      source and executable are available in the Download Section
      Hope you like it !

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.