martin12 Posted July 25, 2015 Share Posted July 25, 2015 A simple script but i can't find my mistake.When i try this script with http it works fine but with https the $sheader and $sdata is empty.Please heeeeeeelp meeee. winhttp_test.au3 Link to comment Share on other sites More sharing options...
trancexx Posted July 25, 2015 Author Share Posted July 25, 2015 (edited) A simple script but i can't find my mistake.When i try this script with http it works fine but with https the $sheader and $sdata is empty.Please heeeeeeelp meeee.winhttp_test.au3That server redirects from https to http. This is considered to be security risk and therefore unsafe. To allow it you can add this line:_WinHttpSetOption($HttpOpen, $WINHTTP_OPTION_REDIRECT_POLICY, $WINHTTP_OPTION_REDIRECT_POLICY_ALWAYS) Edited July 25, 2015 by trancexx ♡♡♡ . eMyvnE Link to comment Share on other sites More sharing options...
martin12 Posted July 25, 2015 Share Posted July 25, 2015 That server redirects from https to http. This is considered to be security risk and therefore unsafe. To allow it you can add this line:_WinHttpSetOption($HttpOpen, $WINHTTP_OPTION_REDIRECT_POLICY, $WINHTTP_OPTION_REDIRECT_POLICY_ALWAYS) Thanks for the answer.You are right the gmx.de server was not a good example for this script.I think it depends on the server(certificate?). Some server works fine and from some i got an empty $sheader and $sdata.With tcpdump i see the tcp pakets and it looks like the certificate verification failed.But there is also a encrypted server response to my client. It is possible to save this response(error message) on the winhttp site? Debug mode?? Two files attached. The first works and the second don't. Same script only the server was changed. winhttp_test_ok.au3 winhttp_test_failed.au3 Link to comment Share on other sites More sharing options...
trancexx Posted July 25, 2015 Author Share Posted July 25, 2015 Both work for me out of the box.Try ignoring cert errors:_WinHttpSetOption($HttpOpenRequest, $WINHTTP_OPTION_SECURITY_FLAGS, BitOR($SECURITY_FLAG_IGNORE_UNKNOWN_CA, $SECURITY_FLAG_IGNORE_CERT_DATE_INVALID, $SECURITY_FLAG_IGNORE_CERT_CN_INVALID, $SECURITY_FLAG_IGNORE_CERT_WRONG_USAGE))I assume your system is some older flavour (XP?). It could be that because of that your code has issues with newer signatures algorithms. ♡♡♡ . eMyvnE Link to comment Share on other sites More sharing options...
martin12 Posted July 26, 2015 Share Posted July 26, 2015 Both work for me out of the box.Try ignoring cert errors:_WinHttpSetOption($HttpOpenRequest, $WINHTTP_OPTION_SECURITY_FLAGS, BitOR($SECURITY_FLAG_IGNORE_UNKNOWN_CA, $SECURITY_FLAG_IGNORE_CERT_DATE_INVALID, $SECURITY_FLAG_IGNORE_CERT_CN_INVALID, $SECURITY_FLAG_IGNORE_CERT_WRONG_USAGE))I assume your system is some older flavour (XP?). It could be that because of that your code has issues with newer signatures algorithms. You are a genius. After update from XP SP2 to SP3 it works now. Thanks. Link to comment Share on other sites More sharing options...
ericli03 Posted July 29, 2015 Share Posted July 29, 2015 (edited) trancexx, I would like to ask you a message on how to obtain ssl encryption.Like browser https connection Info display.(TLS 1.0 、cipher suites : AES128....) (Autoit forum show TLS 1.2)Which way should I use it?_WinHttpQueryAuthSchemes or _WinHttpQueryOption ? or other?Information can be obtained at present are the html ...Whether well-known encryption website is it? Edited July 29, 2015 by ericli03 Link to comment Share on other sites More sharing options...
topten Posted September 6, 2015 Share Posted September 6, 2015 Thank you very much for such a great UDF.I am trying to login in dailymotion site#include "WinHttp.au3" Opt("MustDeclareVars", 1) Global $sRead, $hFileHTM, $sFileHTM = @ScriptDir & "\Form.htm" Global $sSite = "http://www.dailymotion.com/pageitem/authenticationContainer?request=/login?" Global $hOpen = _WinHttpOpen("Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6") ; Get connection handle Global $hConnect = _WinHttpConnect($hOpen, "http://www.dailymotion.com") $sRead=_WinHttpSimpleRequest($hConnect) Global $hConnect = _WinHttpConnect($hOpen, $sSite) $sRead=_WinHttpSimpleRequest($hConnect) $hFileHTM = FileOpen($sFileHTM, 2) FileWrite($hFileHTM, $sRead) FileClose($hFileHTM) ShellExecuteWait($sFileHTM)It returns just a main page but doesnt lead to signin form. What am I dong wrongGreat thanx in advance! Link to comment Share on other sites More sharing options...
trancexx Posted September 6, 2015 Author Share Posted September 6, 2015 Thank you very much for such a great UDF.I am trying to login in dailymotion site#include "WinHttp.au3" Opt("MustDeclareVars", 1) Global $sRead, $hFileHTM, $sFileHTM = @ScriptDir & "\Form.htm" Global $sSite = "http://www.dailymotion.com/pageitem/authenticationContainer?request=/login?" Global $hOpen = _WinHttpOpen("Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.6) Gecko/20100625 Firefox/3.6.6") ; Get connection handle Global $hConnect = _WinHttpConnect($hOpen, "http://www.dailymotion.com") $sRead=_WinHttpSimpleRequest($hConnect) Global $hConnect = _WinHttpConnect($hOpen, $sSite) $sRead=_WinHttpSimpleRequest($hConnect) $hFileHTM = FileOpen($sFileHTM, 2) FileWrite($hFileHTM, $sRead) FileClose($hFileHTM) ShellExecuteWait($sFileHTM)It returns just a main page but doesnt lead to signin form. What am I dong wrongGreat thanx in advance!Try this:expandcollapse popup#include "WinHttp.au3" $sEmail = "your.mail@something.com" ; your mail $sPassword = "password" ; your password $hOpen = _WinHttpOpen() $hConnect = _WinHttpConnect($hOpen, "http://www.dailymotion.com") ; Login _WinHttpSimpleFormFill($hConnect, _ "/pageitem/authenticationContainer?request=/login", _ ; login page "authentication_form", _ ; id of the form "authentication_form_username", $sEmail, _ "authentication_form_password", $sPassword, _ "authentication_form_authChoice_login", "login") ; After you've been logged-in, you can proceed further. All the cookies are automatically handled from now on ($hOpen and all the child handles carries auth info) ; See the index page. You should see your name somewhere there: $sRead = _WinHttpSimpleRequest($hConnect) ; Go anywhere, do anything: ;... ;... ; After you're done close used handles _WinHttpCloseHandle($hConnect) ; And finally close session handle _WinHttpCloseHandle($hOpen) ;~ ConsoleWrite($sRead) $sFileHTM = @ScriptDir & "\Form.htm" $hFileHTM = FileOpen($sFileHTM, 2) FileWrite($hFileHTM, $sRead) FileClose($hFileHTM) ShellExecuteWait($sFileHTM) ♡♡♡ . eMyvnE Link to comment Share on other sites More sharing options...
topten Posted September 6, 2015 Share Posted September 6, 2015 Fantastic. You are genius! Grea thanx! Link to comment Share on other sites More sharing options...
topten Posted September 7, 2015 Share Posted September 7, 2015 (edited) 1) I wonder, is there a method to check if the request would work or not? For example, in your previous example there is a parameter."authentication_form_authChoice_login", "login"How did you get that parameter?2) Would it be the same for ssl, I mean is it enough to fire this$sRead = _WinHttpSimpleSendSSLRequest($hConnect)3) _WinHttpSimpleFormFill - what should I do if the form doesn't have a name or id, but only classname?Great thanx in advance Edited September 7, 2015 by topten added question 3 Link to comment Share on other sites More sharing options...
trancexx Posted September 7, 2015 Author Share Posted September 7, 2015 1) I wonder, is there a method to check if the request would work or not? For example, in your previous example there is a parameter."authentication_form_authChoice_login", "login"How did you get that parameter?2) Would it be the same for ssl, I mean is it enough to fire this$sRead = _WinHttpSimpleSendSSLRequest($hConnect)3) _WinHttpSimpleFormFill - what should I do if the form doesn't have a name or id, but only classname?Great thanx in advance I'd checked the source of the "/pageitem/authenticationContainer?request=/login" page. There are two radio buttons, only one should be set obviously, the one with id "authentication_form_authChoice_login" for login action.To check if the request would work you could check the return of _WinHttpSimpleFormFill(), however that depends on server implementation. For example in this case server will return error, even if there's no error. My guess is that they do this deliberately (I would) because the api is written to use javascript's XMLHttpRequest in which case additional HTTP header is set "X-Requested-With: XMLHttpRequest". When server detects that header field it returns slightly different reply in order to notify the user that login was success:;... $sLoginRet = _WinHttpSimpleFormFill($hConnect, _ "/pageitem/authenticationContainer?request=/login", _ ; login page "authentication_form", _ ; id of the form "authentication_form_username", $sEmail, _ "authentication_form_password", $sPassword, _ "authentication_form_authChoice_login", "login", _ "X-Requested-With: XMLHttpRequest"); just to be able to confirm successful login) ConsoleWrite($sLoginRet & @CRLF) ;......In this case you can check @error or @extended after calling _WinHttpSimpleFormFill. Former would be 0 and latter 200 (HTTP_STATUS_OK).For SSL you have to specify the address as "https://...", and later use _WinHttpSimpleSSLRequest (notice that you wrote WinHttpSimpleSendSSLRequest).If the form doesn't have "id" or "name" then you can use its index. First form on the page has index 0, second one has index 1, etc... It's e.g. "index:1". It's explained in detail in WinHttp's help file.Classname is part of presentational layer of the web page, you shouldn't be using it to identify the form. ♡♡♡ . eMyvnE Link to comment Share on other sites More sharing options...
topten Posted September 8, 2015 Share Posted September 8, 2015 Thank you very much, Trancexx. Great tuto Link to comment Share on other sites More sharing options...
Allow2010 Posted October 8, 2015 Share Posted October 8, 2015 (edited) Hi,i am using you great UDF to communicate with my router (FritzBox, mainly used in Europe).I made some scripts for that which you can find here _FB_ToolsThe FritzBox webinterface allows downloads of some data, like a backup of the config or a phonebook.I would like to make this work in my scripts as well, but i was not able to get it working.In order to download a file backup of the current config i need to provide a password and submit a form. as a rasult i get a backup file.Here is an example of how a download of the current config file looks like in an tcp sniffer:POST /cgi-bin/firmwarecfg HTTP/1.1Host: 192.168.118.4User-Agent: some agentAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: de,en-US;q=0.7,en;q=0.3Accept-Encoding: gzip, deflateDNT: 1Referer: http://192.168.118.4/Connection: keep-aliveContent-Type: multipart/form-data; boundary=---------------------------2803148312666Content-Length: 369-----------------------------2803148312666Content-Disposition: form-data; name="sid"e26f5a3e45073676-----------------------------2803148312666Content-Disposition: form-data; name="ImportExportPassword"some password-----------------------------2803148312666Content-Disposition: form-data; name="ConfigExport"-----------------------------2803148312666--HTTP/1.1 200 OKConnection: Keep-AliveTransfer-Encoding: chunkedContent-type: application/octet-stream;Date: Thu, 08 Oct 2015 08:40:03 GMTKeep-Alive: timeout=60, max=300Content-Disposition: attachment; filename="FRITZ.Box 7490 113.06.36-31504LABOR_BETA_08.10.15_1040.export"**** FRITZ!Box 7490 CONFIGURATION EXPORT.more data.more data.more data Is _WinHttpSimpleFormFill the right way to go (can i get the file and save it?) or do i need a different approach?Would be very nice if you could show me the way to go, thanks in advance !Markus Edited October 8, 2015 by Allow2010 Link to comment Share on other sites More sharing options...
trancexx Posted October 8, 2015 Author Share Posted October 8, 2015 _WinHttpSimpleFormFill can do that in one step rather simply. I can write an example but unfortunately you aren't providing enough data. For example, how do you enter password (by filling the web form or like with http://trancexx.tk/basic/ ). ♡♡♡ . eMyvnE Link to comment Share on other sites More sharing options...
trancexx Posted October 8, 2015 Author Share Posted October 8, 2015 Ok guys, quit playing hangman on my comp LOL mLipok and jchd 2 ♡♡♡ . eMyvnE Link to comment Share on other sites More sharing options...
Allow2010 Posted October 8, 2015 Share Posted October 8, 2015 (edited) _WinHttpSimpleFormFill can do that in one step rather simply. I can write an example but unfortunately you aren't providing enough data. For example, how do you enter password (by filling the web form or like with http://trancexx.tk/basic/ ).I sent you infos by PM.The authentication is a bit more complicated, it is done by sending a SID (like an token or key) with the request. Edited October 18, 2015 by Allow2010 Link to comment Share on other sites More sharing options...
EmilyLove Posted October 12, 2015 Share Posted October 12, 2015 Wow. Great work. I gave up trying to do anything regarding HTTP requests since I couldn't figure out how to use it. This is incredibly simple to use. Thanks. Link to comment Share on other sites More sharing options...
Allow2010 Posted October 18, 2015 Share Posted October 18, 2015 I use Winhttp to upload a file like this:$sFileToUpload = @ScriptDir & "\test.mp3" Const $sForm = _ '<form name="uploadform" method="POST" action="/cgi-bin/upload" enctype="multipart/form-data">' & _ '<input type="file" name="File" value="">' & _ '</form>' $hConnect = $sForm ; Fill form $sReturned = _WinHttpSimpleFormFill($hConnect, $hOpen, Default, "name:File", $sFileToUpload)This works fine...But i would like to set all formfields inside the form like this:$sFileToUpload = @ScriptDir & "\test.mp3" Const $sForm = _ '<form name="uploadform" method="POST" action="/cgi-bin/upload" enctype="multipart/form-data">' & _ '<input type="file" name="File" value="' & $sFileToUpload & '">' & _ '</form>' $hConnect = $sForm ; Fill form $sReturned = _WinHttpSimpleFormFill($hConnect, $hOpen, Default)This does not work...Can anyone explain to me why this does not work? Where is my mistake? Link to comment Share on other sites More sharing options...
Allow2010 Posted October 19, 2015 Share Posted October 19, 2015 after taking a closer look at the code of _WinHttpSimpleFormFill i figured out most of it myself...its a bit complicated, the short version: the content of the file has to be added not just the filename...WinHttpSimpleFormFill does the job well, so i keep it that way :-) trancexx 1 Link to comment Share on other sites More sharing options...
Allow2010 Posted October 19, 2015 Share Posted October 19, 2015 One Problem solved, new one here :-)I download a file using _WinHttpSimpleFormFillIt works fine, but i could not find a way to get the filename from the Headers without hacking WinHttpSimpleFormFill with a ugly global varibaleI did this almost at the end of WinHttpSimpleFormFill : Global $sDisp = _WinHttpQueryHeaders($hRequest, $WINHTTP_QUERY_CONTENT_DISPOSITION) Local $sReturned = _WinHttpSimpleReadData($hRequest)now i can get the filename from the global $sDisp but this seems suboptimal to me..is there another way to do this?An option to get the result as array like it is done with $fGetHeaders for _WinHttpSimpleRequest would be great... Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now