Sending credential to a login web page - javascript

Is there a way to send username and password to a url of a login web page?
For example, if the login web page contains 2 textboxes : user name and password and a login button, is there a way to send to the url the credential in order to go directly to the next page coming after the login?
The url for the login page looks like:
http://[ip address]/jsp/login.xhtml
I tried to send the username and passord as following:
http://[username:password]/[ip address]/jsp/login.xhtml
http://[ip address]/jsp/login.xhtml?[username:password]
If there is a way to do it by sending the command through a batch file?
If it can be done using c# or javascript it is also fine.

The best option is Javascript. It can easily run from a plugin of your browser.
(I'm using 'Custom Javascript for Websites', a chrome plugin: https://chrome.google.com/webstore/detail/custom-javascript-for-web/poakhlngfciodnhlhhgnaaelnpjljija)
Firstly you navigate to the login page and check the source code for the following ID's:
- Username-inputbox
- Password-inputbox
- Submit button
Knowing these things, we can add this to our plugin: (Fill in the id's at the right places)
// First we check if we're on the right page
if (window.location.href == "URL")
{
// Find the ID's of the corresponding inputs
document.getElementById("username").value = "user0";
document.getElementById("password").value = "user0scode";
// Then click the submit button, just as we do
document.getElementById("btnSubmit").click();
}

There is free tool called Fiddler. It monitors/debugs all the traffic on your machine i.e. using browsers or any other medium. You can try capturing the action/request behind the login button using Fiddler, and then mutate the same action/request and you will be able to change the username/password for that action/request.
Download from here, and read this.

Related

javascript - oAuth: How to redirect user back to application?

I am new to javascript. I'm creating a login webpage with auth0, if the user enters the correct id/password the auth0 login API will redirect them back to the application, they are calling from based on their redirect URL.
I want to add a feature where if they don't accept terms and conditions, they would be redirected back to the application they are calling from via redirect URL.
Is it possible? I tried to search online but could not find any proper documentation. can anyone please advise?
shouldn't there be any param in the URL when they get directed to your application? i think there should be a param in the URL that you can use to redirect them back.
I found the solution, I had to user callback URLs with the error message.
Solution for this in Vue.js
<a v-on:click="f1()">..</a>
f1: function() {
window.location.href = "myapp://callback?error=MyCustoomrErrorMessage";
},

JavaScript Registration, Login and Logout Functionality

Basically I want a Login, Logout and Registration Functionality in my application using JavaScript
This is my Registration Page : https://i.stack.imgur.com/KY4vz.png
This is my Login Page : https://i.stack.imgur.com/IBEff.png
I can't find any question here.. if you want to find out how to validate forms using JavaScript just google it..
But my advice for login / register forms authentication is that it's must be done server-side and not on the client's side because if you will make it JavaScript like this:
var passInput = document.getElementById("passInput").value;
if(passInput == "correct password"){
//...
}
The client can just open the source code and simply see the correct password..
What you should do is to validate the form on server side so the client can't simply view the correct password.

Redirection not working on Safari and Firefox

I'm using express-ntlm for authenticate my users on my app. For Mac OS, browsers ask for username and password and when a user insert a wrong password, it shows a page with a forbidden message. I overwrite forbidden function on my custom library so I can redirect users to the current URL so they can insert username and password again. For some reason this works on Chrome but not on Firefox or Safari, it just keep refreshing the page but doesn't prompt users for username and password. Looks like browser is storing the failed tried of log in and doesn't let you try again.
forbidden: function(req,res){
res
.status(401)
.send(`<!DOCTYPE html><html><head><body>
<h2>Login failed, Please try again.</h2></body></head>
<script>
window.setTimeout(function() {
window.location.href = '${req.url}';
}, 1000);
</script></html>`)
}
NTLM only makes sense, if you use it for SSO (without manually entering credentials).
In your case I would suggest you to create your own username/password form and then use some Active Directory / LDAP module to authenticate against the Domain Controller. If it succeeds the user will be logged in, otherwise you show an error and the user can try again.
You can also combine them and use express-ntlm if a browser comes along that support NTLM (e.g. IE) and otherwise show a login form. In my opinion this would be the biggest benefit and best UX for your users.

Binding a web page's element to an Android App

There is a website which has a login screen, and when the submit is hit, it goes to a new page and logs in the user.
Here's a screenshot :
Now, Suppose I have a similar login screen in my android app, like this :
Now, Is there a way to link both of them, so that, when I hit login in the android app, it actually registers a submit at that website and logs in the user, and obviously, then again, binding the next webpage that shows up after logging in. How dlink the urlfrom the webpage to the js and elements in an android app?
I know there has to be javascript, but how?
Have you Checked this : http://developer.android.com/guide/webapps/webview.html
and this : http://www.codeproject.com/Articles/392603/Android-addJavaScriptInterface
While login we sends the form data from Android application to the Server-side page (JSP, Servlet,ASP or PHP), then those page will compile the required operation for login validation using any database , then it returns “1” if the login is valid else return “0”.
Hence you have to find out all the parameters that are working around once you click the login or register in that website.Also login page may contain cookies and other temp storage that will be required at each login.Also you need to find the methods used.
So understanding the webpage configurations ,parameters and functionality will help you achieve using android tools like webview(just a tool,not logic).
First make a detailed study on all the required parameters and functionality of the webpage then get started with the app.
Below is a list of reference links that may help you to tackle the issue :
Refer 1,
Refer 2,
Refer 3,
Refer 4,
Refer 5
You can also see this site to solve ur probelm ...
https://wowjava.wordpress.com/2011/01/16/login-application-for-android/
or
http://webdesignergeeks.com/mobile/android/android-login-authentication-with-remote-db/

detecting when mailto failed

When using a mailto link chances are that it doesn't do anything for the user if he doesn't have an email client setup, or didn't setup his webmail to be his default client (ea. gmail as default client in macosx).
What would be the best way to gracefully offer a fallback, kindly asking the user to manually email you?
I could use JS or css to show a message once the link has been clicked:
submit was successful, or if nothing happened please email us manually.
What about using a form with mailto, can I use a redirect page upon success without or with serverside scripting? Is there a way to filter out the success from failure, instead of relying on the user's judgement with the double success/failed message above?
edit: At least what would be the most suitable way of changing a state when a mailto link (or form) has been clicked. Obviously JavaScript or css are options, but can't I simply create a double action link or form submit; mailto and also link to another page (you have submitted/clicked the button')
This article discusses a hack of checking if the window's blur event fired after clicking the mailto. It uses a timeout, so it's not foolproof, but might address most cases. Here's a JavaScript/jQuery example, simplified from the article.
(function($)) {
$('a[href^=mailto]').each(function() {
$(this).click(function() {
var t;
$(window).blur(function() {
// The browser apparently responded, so stop the timeout.
clearTimeout(t);
});
t = setTimeout(function() {
// The browser did not respond after 500ms, so open an alternative URL.
document.location.href = '...';
}, 500);
});
});
})(jQuery);
You cannot detect whether or not a user has an email client setup. So I would suggest you to setup a server-side form for the user to contact you.
Beneath or above this you can provide the user a link explaining him that if he wants to contact you directly through his main e-mail account, he can click this link (this link being a mailto: link).
By providing him two ways of contacting you (webform or e-mail client), you give the user the opportunity to choose which one he wants to use. So it's up to him to realize whether or not he has an e-mail client installed and whether or not he wants to use it.
Use a JavaScript confirm popup to ask the user if they have email setup on their computer.

Categories

Resources