Http Requests

[Acce]

Hi guys I have made a full project using mouse click and automate browser that way , but to many things can go wrong writing this was , works fine on my system but have lots of problem when sending elsewhere. SO I want to try to use http request instead this is what I got so far but I think there is a very small mistake so i get "bad request" response from server  here is what I got 

 

 

#include "WinHttp.au3"
HotKeySet("{f1}", "myExit")
    
Opt("MustDeclareVars", 1)
    ; Open needed handles
Local $hOpen = _WinHttpOpen()
Local $hConnect = _WinHttpConnect($hOpen, "https://www.xe.com/currencyconverter/")
; Specify the reguest:
Local $hRequest = _WinHttpOpenRequest($hConnect, Default, "login[userid]=user" & "&login[password=pass")
    ; Send request
_WinHttpSendRequest($hRequest)
    ; Wait for the response
_WinHttpReceiveResponse($hRequest)
    Local $sHeader = _WinHttpQueryHeaders($hRequest) ; ...get full header
    ; Clean
_WinHttpCloseHandle($hRequest)
_WinHttpCloseHandle($hConnect)
_WinHttpCloseHandle($hOpen)
    ; Display retrieved header
MsgBox(0, "Header", $sHeader)
    Func myExit()
  MsgBox(262144 ,"Script Aborted","Script aborted by user!" )
  Exit
EndFunc   ;==>myExit
     

 

Where did I go wrong ? any help at all would be much appreciated 

[Danp2]

I can see a few potential issues --

• You generally pass just the primary website (https://www.xe.com) to _WinHttpConnect. The other portion would be used  with _WinHttpOpenRequest instead
• The site has different login addresses depending on your objective. So you probably need to adjust your target in order to correctly log in

P.S. If you told us what your script actually does, it would probably make it easier for us to help you further

[Acce]

Hi thanks for your reply . 

 

"P.S. If you told us what your script actually does, it would probably make it easier for us to help you further"

- currently I´m  just trying to get a successful reply from the server with my login . My reasoning is that if I can manage that i will probably be able to get more data from the site as well , but is kinda crucial that i manage to login successfully .

I´m  not that well versed with http requests.  I made something similar in excel a few years back where I had the API to a site but remember that I had some hiccups along the way 

How could I use _WinHttpOpenRequest to pass the login over ? 

[Danp2]

39 minutes ago, Acce said:

How could I use _WinHttpOpenRequest to pass the login over ? 

Call it with the correct parameters. 😎  Can't really help you further since you avoided providing the requested information.

P.S. Have you checked the site's TOS to make sure that you aren't in violation?

[Acce]

Hi I found an example in the help file for WinHttp.au3 and have made this modification: 

expandcollapse popup

#include "WinHttp.au3"
HotKeySet("{f1}", "myExit")
    Opt("MustDeclareVars", 1)
    ; !!!Note that this example will fail because of invalid username and password!!!
    ; Authentication data
Global $sUsername = "user"
Global $sPassword = "pass"
    ; Address
Global $sAddress = "https://www.xe.com/currencyconverter/"
    ; Initialize and get session handle
Global $hOpen = _WinHttpOpen()
    ; Get connection handle
Global $hConnect = _WinHttpConnect($hOpen, $sAddress)
    ; Request
Global $hRequest = _WinHttpOpenRequest($hConnect, _
        "POST", _ ; verb
        "/login_check", _    ; target
        Default, _ ; version
        "https://www.xe.com/currencyconverter/", _    ; referer
        "*/*") ; accept
    ; Send it
_WinHttpSendRequest($hRequest, _
        "Content-Type: application/x-www-form-urlencoded" & @CRLF, _
        "login%5Buserid%5D:" & $sUsername & "&login%5Bpassword%5D=" & $sPassword & "&login%5Bremember_me%5D=false")
    ; Wait for the response
_WinHttpReceiveResponse($hRequest)
    ; See what's returned
If _WinHttpQueryDataAvailable($hRequest) Then
    Global $sHeader = _WinHttpQueryHeaders($hRequest)
    ConsoleWrite($sHeader & @CRLF)
    ; Check if proper cookie is given
    If StringInStr($sHeader, 'Set-Cookie: uchome_loginuser=' & $sUsername) Then
        MsgBox(0, "", "Login success")
    Else
        MsgBox(0, "", "Login failed")
    EndIf
Else
    MsgBox(48, "Error", "Site is experiencing problems.")
EndIf
    
; Close open handles and exit
_WinHttpCloseHandle($hRequest)
_WinHttpCloseHandle($hConnect)
_WinHttpCloseHandle($hOpen)
    Func myExit()
  MsgBox(262144 ,"Script Aborted","Script aborted by user!" )
  Exit
EndFunc   ;==>myExit
     

And now I get a successful response from the server, unfortunately I dont get logged in  but a response from the server is certainly nice, The sample from WinHttp.au3 help  uses an old site which no longer exists witch is a shame 

[Acce]

I think I have pinpointed the problem here is interesting part of the response I get 

Set-Cookie: XSRF-TOKEN=KcY0vT-lHUtNzBls49MiqaYfMbyUZuLwAWUf9KG760M; path=/; secure

and when I inspect the site I see this XSRF-TOKEN is sent with the request header So I guess I need to send another login request with this token in the request header ? any help to how I should do that ?