HTTPS POST problems w/ Basic Authentication

[SkinnyWhiteGuy]

I'm trying to write a script to automatically send a POST request to an internal server we have at work (to keep me from having to go all through the links and click things several times a day). The server uses basic authentication (.htaccess) to get to the page, it goes over https on a different port (81), and it has to be POST (server software doesn't use GET, and while I do have access to rewrite it, I dare not change it and screw up multiple other things).

I searched the forums for about a week, and found a couple of different solutions.

1. Use the IE.au3 stuff to automate things. I didn't like this, cause it was going to make things flash on my screen, if I'm correct in my thinking of how that works.

2. Use the HTTP.au3 file I found here. I tried that, but some part of all the stuff I needed couldn't work.

3. I finally found the following script somewhere on the forums, and it seems to work, only... not:

$oMyError = ObjEvent("AutoIt.Error","MyErrFunc")
$sUrl = "https://dummy:password@10.153.0.2:81/path/file.php"
$PostData = "AddIp=Add&exceptionip=10.153.94.75"
$oHttpRequest = ObjCreate("MSXML2.ServerXMLHTTP")
$oHttpRequest.Open ("POST", $sUrl,True)
$oHttpRequest.setRequestHeader  ("Content-Type", "multipart/form-data")
$oHttpRequest.SetOption(2,13056)
$oHttpRequest.Send ($PostData)
sleep(1000)
$oHttpRequest = ""

Func MyErrFunc()
    ConsoleWrite("### COM Error ! Number: " & $oMyError.number & " ScriptLine: " & $oMyError.scriptline & " Description:" & $oMyError.description & @LF)
    SetError(1)
    Return
EndFunc

Note: Names and passwords were changed, and those IP's are internal.

I tried it first without the SetOption(2,13056) line, and it returns an error about certificates (which it also does in my browser, so it is hitting the correct site). With the above script, I get no error, but nothing is changed when I recheck the page to see if the IP was added. I plan on, once this version is working, making a version that gets the IP of the computer the script is running on, so I can add different computers at different times.

Can anyone possibly help me figure out just what I did wrong, or do I need to go back to Solution 1 or 2? I know that no one can actually test my code, seeing as (like I've already mentioned), it is posting to an internal server on my side, and it may be the server kicking it back out. Since I have admin access to the server, I've checked the script, and the only thing it looks for before adding the ip is IsSet($_POST["AddIp"]), and I made sure to pass that along with the IP to be added, but still nothing.

Thanks in advanced for any and all help.

Edit: Removed the useless variables from the script.

Edited March 26, 2007 by SkinnyWhiteGuy

[SkinnyWhiteGuy]

Just a slight bump, and a good bit of an update.

After rethinking/relooking on the web, I figured I had a few errors. Error #1: I'm not trying to send XML, so why am I using that object to connect?

Once I fixed that, I changed some other information too, but I've hit another snag. Here's the code I'm trying to run now:

$WinHttpRequestOption_SslErrorIgnoreFlags = 4
$oMyError = ObjEvent("AutoIt.Error","MyErrFunc")
$sUrl = "https://dummy:password@10.153.0.2:81/path/file.php"
$PostData = "AddIp=Add&exceptionip=10.153.94.75"
$oHttpRequest = ObjCreate("WinHttp.WinHttpRequest.5.1")
$oHttpRequest.Option($WinHttpRequestOption_SslErrorIgnoreFlags) = 13056
$oHttpRequest.Open ("PUT", $sUrl, False)
$oHttpRequest.setRequestHeader  ("Content-Type", "multipart/form-data")
$oHttpRequest.Send ($PostData)
sleep(1000)
$oHttpRequest = ""

Func MyErrFunc()
    $HexNumber = Hex($oMyError.number, 8)
    ConsoleWrite("### COM Error ! Number: " & $HexNumber & " ScriptLine: " & $oMyError.scriptline & " Description: " & $oMyError.description & @LF)
    SetError(1)
    Return
EndFunc

Now, even with the SslErrorIgnoreFlags set to ignore all (0x3300, which is the decimal value above), I still get the following error in the console:

### COM Error ! Number: 80020009 ScriptLine: 9 Description: The certificate authority is invalid or incorrect

I tried setting the Certificate, but that didn't work out either. I'm still wondering if anyone else has ever had this problem before.

[piccaso]

As far as i know you can use IE.au3 hidden too and you should use it.

Because .Send() does not send post data.

Post data should be part of the request which is done when calling .open()

Dont know much about that error but if you get stuck with certificate errors you could also use curl (the commandline tool)

and make use of that --insecure switch which makes curl accept invalid certificates too...

and as a side note... the http verb should be "POST"

[SkinnyWhiteGuy]

Hmm, well, I thought it was possible to send info over post like this, but I guess not. Ah well, IE.au3, here I come!

Thanks for helping me. And I thought that it should be POST, but I kept reading things saying PUT was good to send data to the server, which I figured was exactly what I needed to do. Ah well, At least I learned to use "POST" from all this.