im trying to make a post request to the server but the jquery doesnt sent any post date.
i already tried to use: (suggestions i found on the web)
var postdata = {'username':username,'password':password,'src':'web'};
instead of
var postdata = 'username=' + username + '&pass=' + password + '&src=web';
this is my jquery code:
var username = $('#uForm_un').val();
var password = $('#uForm_pw').val();
var postdata = 'username=' + username + '&pass=' + password + '&src=web';
console.log(postdata);//output: username=administrator&pass=password&src=web
$.post(
"inc/api/do.login.ajax",
postdata,
function (data) {
console.log(data);//output: a vardump($_POST) wich is empty.
}
);
browser data:
Remote Address:62.***.**.**:80
Request URL:***********/inc/api/do.login.ajax/
Request Method:GET
Status Code:200 OK
Request Headersview source
Accept:*/*
Accept-Encoding:gzip,deflate,sdch
Accept-Language:nl-NL,nl;q=0.8,en-US;q=0.6,en;q=0.4
Cache-Control:no-cache
Connection:keep-alive
Cookie:anonymous=-81523622186; windowtop=100; LanguageId=1; CurrencyId=1; space_history=%7B%221%22%3A%2220%22%7D; eventId=1; OrderId=201424754035; filter_starttime=6%3A00; filter_endtime=12%3A00; _ga=GA1.2.2031844175.1410181977; __atuvc=13%7C37; PHPSESSID=4x1xc4ca4238a0b923820dcc509a6f75849b; filter_display_mode=grid; filter_search=; filter_where=eindhoven; filter_startdate=01/09/2014; filter_enddate=05/09/2014; filter_order=itemdate; filter_dayparts=; filter_distance=100000; filter_categories=; list=%2C2797
Host:********.nl
Pragma:no-cache
Referer:***************/index.php?action=editvisit
User-Agent:Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.103 Safari/537.36
X-Requested-With:XMLHttpRequest
Response Headersview source
Connection:Keep-Alive
Content-Encoding:gzip
Content-Length:156
Content-Type:text/html; charset=utf-8
Date:Thu, 11 Sep 2014 09:15:03 GMT
Keep-Alive:timeout=5, max=88
Server:Apache/2.2.22 (Debian)
Vary:Accept-Encoding
X-Powered-By:PHP/5.4.4-14+deb7u14
EDIT:
now i use this code, but with the same result...
$.post( "inc/api/do.login.ajax",{
username : ""+$('#uForm_un').val()+"",
pass : ""+$('#uForm_pw').val()+"",
src : "web"
}).done(function(data) {
console.log(data);
}, "json" );
Solution:
change this:
inc/api/do.login.ajax
to
inc/api/do.login.ajax/index.php
with a get request it works fine but with a post...
sorry for taking your time and thanks! every answer was usefull!
Related
I am working on a JSP(tomcat6) application. (domain is different)
I'm trying to set the same-site attribute to None because The cookies have disappeared after more than 2 minutes due to the new version of the chrome browser. (Release date for a fix is February 4, 2020 per: https://www.chromium.org/updates/same-site)
I tried to solve the problem in the following ways but is still not working
response.setHeader("Set-Cookie", "user=test;HttpOnly;Secure;SameSite=None");
response.setHeader("Set-Cookie", "HttpOnly;Secure;SameSite=None");
document.cookie = "witcher=Geralt; HttpOnly; SameSite=None; Secure";
<iframe src="https://service3.smartcapsule.jp/disp/ONECLICKCOMM.do"></iframe>
By using Pop-up windows
Code is here
document.form1.division2.value = 1;
document.form1.division3.value = 1;
document.form1.division4.value = 1;
document.form1.pan.value = 4322423434232342;
document.form1.expiryDate.value = 0222;
document.form1.jspName.value = 'index.jsp';
document.form1.method = "post";
document.cookie = "HttpOnly; SameSite=None; Secure";
document.form1.action = http://service3.smartcapsule.jp/disp/ONECLICKCOMM.do;
Header is here
<html><body>
host=localhost:8080<br>
connection=keep-alive<br>
content-length=90<br>
cache-control=max-age=0<br>
origin=http://localhost:8080<br>
upgrade-insecure-requests=1<br>
dnt=1<br>
content-type=application/x-www-form-urlencoded<br>
user-agent=Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4252.0 Safari/537.36<br>
accept=text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9<br>
sec-fetch-site=same-origin<br>
sec-fetch-mode=navigate<br>
sec-fetch-user=?1<br>
sec-fetch-dest=document<br>
accept-encoding=gzip, deflate, br<br>
accept-language=en,q=0.9,q=0.8,ko;q=0.7,ja;q=0.6,q=0.5<br>
cookie=SameSite=None; Secure; aspGroupId=00000000; _ga=GA1.1.371271115.1600306707; _gid=GA1.1.1473986481.1600822923; JSESSIONID=15BA5A77A80B2C93969A44FE9371B135; _gat_UA-71516129-3=1; _token=8b234c913616b70c05100bb7fc141a33; _gat=1; arp_scroll_position=2986.363525390625<br>
</body></html>
-------------------------------------------------------------------------------------------
<html><body>
host=localhost:8080<br>
connection=keep-alive<br>
content-length=384<br>
cache-control=max-age=0<br>
origin=null<br>
upgrade-insecure-requests=1<br>
dnt=1<br>
content-type=application/x-www-form-urlencoded<br>
user-agent=Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4252.0 Safari/537.36<br>
accept=text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9<br>
sec-fetch-site=cross-site<br>
sec-fetch-mode=navigate<br>
sec-fetch-dest=document<br>
accept-encoding=gzip, deflate, br<br>
accept-language=en,q=0.9,q=0.8,ko;q=0.7,ja;q=0.6,q=0.5<br>
</body></html>
If I don't change browser properties, how should I fix it?
disable 「SameSite by default cookies」 in chrome://flags
「20200924」I tried the following, but the cookies was still lost
Cookies.set('name', 'value', {
sameSite: 'none',
secure: true
})
response.setHeader("Set-Cookie", "user=mcmd;HttpOnly;Secure;SameSite=None");
document.cookie = "witcher=Geralt; SameSite=None; Secure";
public void doGet( HttpServletRequest request, HttpServletResponse response ) throws ServletException,IOException {
response.setContentType("text/html;charset=Windows-31J");
PrintWriter out = response.getWriter();
out.println("<html><body>");
Enumeration e = request.getHeaderNames();
while( e.hasMoreElements() ) {
String name = ( String )e.nextElement();
out.println( name + "=" + request.getHeader( name ) + "<br>");
}
out.println("</body></html>");
}
document.cookie = "<%= s_cookies %>";
document.cookie = "witcher=Geralt; SameSite=None; Secure";
res.setHeader("Set-Cookie", "user=mcmd;HttpOnly;Secure;SameSite=None");
res.setHeader("Access-Control-Allow-Origin","*");
res.setHeader("Access-Control-Allow-Credentials","true");
crossDomain=true; withCredentials=true;Authorization; Max-Age=60*60*3600
<iframe src="https://service3.smartcapsule.jp/disp/ONECLICKCOMM.do"></iframe>
<script
src="https://code.jquery.com/jquery-3.4.1.min.js"
integrity="sha256-CSXorXvZcTkaix6Yvo6HppcZGetbYMGWSFlBw8HfCJo="
crossorigin="anonymous">
</script>
<script>
const apexUrl = 'localhost:8080';
const forwardUrl = 'https://localhost:8080';
alert(window.location.host);
if (window.location.host === apexUrl) {
window.location.host = forwardUrl;
}
</script>
Google reCAPTCHA
To edit a cookie, set its value, and then add it to the response.
and never forget to change the ExpiresDate.
I actually did a lot of research and tried different ways to upload a video file using JQuery's $.ajax() and FormData. I am using an updated version of Chrome and Firefox and aware that uploading of file using $.ajax() is possible for jQuery 1.6 and up. Right now I'm using jQuery-3.3.1.js
For whatever reason, I still can't make it work. I am getting an empty data when I echo $_FILES['myFile']['name'];
view.php
<div class="modal_body">
<form class="container_UserInfo" id="modalForm_uploadVideo">
<label class="modal_label" id="modalLbl_browseVideo">
Select Video
<input type="file" name="myFile" class="modalbtn_browseFiles" id="modalBtn_choose_video_file" value="Select Video" accept="video/*"/><br>
</label>
</form>
</div>
<button class="btn_modalFooter" id="modalBtn_uploadVideo_upload" name="modalBtnName_uploadVideo_upload">
Upload
</button>
view.js
$('#modalBtn_uploadVideo_upload').on('click',function(event){
if(hasInputFileLoaded()){
uploadVideo();
}else{
alert("No file input.");
}
});
function uploadVideo() {
var formData = new FormData();
formData.append('file', $('#modalBtn_choose_video_file')[0].files[0]);
console.log($('#modalBtn_choose_video_file')[0].files[0]); // console displays the selected file info.
$.ajax({
url: 'controller/upload_video.php',
type: 'POST',
data: formData,
processData: false, // tells jQuery not to process the data
contentType: false, // tells jQuery not to set contentType
success: function (data) {
console.log(data);
alert(data);
},
error: function (x, e) {
if (x.status == 0) {
alert('You are offline!!\n Please Check Your Network.');
} else if (x.status == 404) {
alert('Requested URL not found.');
} else if (x.status == 500) {
alert('Internal Server Error.');
} else if (e == 'parsererror') {
alert('Error.\nParsing JSON Request failed.');
} else if (e == 'timeout') {
alert('Request Time out.');
} else {
alert('Unknown Error.\n' + x.responseText);
}
}
});
}
upload_video.php
$myFile = $_FILES['myFile']['name'];
echo "myFile: " . $myFile;
echo "myFile: " . $myFile; displays:
myFile:
This line:
console.log($('#modalBtn_choose_video_file')[0].files[0]); // console displays the selected file info.
shows me the information of the file that was selected and I'm sure it's not empty.
I dont know what's missing. It's able to pick up and run the upload_video.php script but gets nothing in $_FILES[]
I'd like to reiterate that the <form> is contained within a modal div. I don't know if it has anything to do with the problem.
Please help. I'd appreciate any suggestion.
Thank you.
**** EDIT ******
This is what I'm getting in XHR->Headers->Request Payload of Google's Developer Tools.
Request Payload
------WebKitFormBoundarybqKoBuiQ9WumYuTo
Content-Disposition: form-data; name="file"; filename="How to Configure Nginx VirtualHost in Ubuntu.mp4"
Content-Type: video/mp4
And for Request Headers
Accept: */*
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Connection: keep-alive
Content-Length: 20360818
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarybqKoBuiQ9WumYuTo
Cookie: PHPSESSID=q669bu6jqodkpqpvu2hructsm7
Host: localhost
Origin: http://localhost
Referer: http://localhost/cai/landingpage.php
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36
X-Requested-With: XMLHttpRequest
I've added the enctype="multipart/form-data" method="post" as suggested and var_dump($_FILES); and var_dump($_POST) but keep getting
NULL or array(0){}
I also replaced myFile with file in $_FILES[][]
$myFile = $_FILES['file']['name'];
echo "myFile: " . $myFile;
but did nothing to fix my problem.
What other troubleshooting can I do?
******* end of edit *******
You're sending the file data in the file property, not myFile, so your PHP should be changed to this:
$myFile = $_FILES['file']['name']; // note 'file' here
echo "myFile: " . $myFile;
I've got issue with getting an content:
with dryscrape.Session() as c:
PASSWORD = '<PASS>'
USERNAME = '<EMAIL>'
URL = 'https://my.pingdom.com/'
c.get(URL)
soup = BeautifulSoup(c.get(URL).text, "lxml")
csrf = soup.select_one("input[name=__csrf_magic]")["value"]
login_data = {
"email" : USERNAME,
"password" : PASSWORD,
"__csrf_magic" : csrf,}
r = c.post(URL, data=login_data, headers={'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36'})
url = 'https://my.pingdom.com/newchecks/rums?ignoreActive=1'
r = c.get(url).text
print r
And after login in browser i've got value of Load Time in source code, but when i'm using this scipt there is only an {{loadtime}} tag from x-handlebars-template.
Any ideas how I can get it? This is server script so any selenium type of tips doesn't go in here. :)
I'm trying to use curl to post some data and retrieve it from a website that isn't mine, the websites form doesn't seem to have a form action and the page doesn't reload when you submit the data and there also seems to be some js behind the click of the button.
$url = "http://emonitoring.poczta-polska.pl/#";
$parm = "numer=RR123456789PL";
and here is the curl:
array(
CURLOPT_URL => $url,
CURLOPT_POST => TRUE,
CURLOPT_POSTFIELDS => $parm,
CURLOPT_RETURNTRANSFER => TRUE,
CURLOPT_FOLLOWLOCATION => TRUE
);
I execute and init the curl as expected, just showing the important parts. Here is also the live http headers output:
POST /wssClient.php HTTP/1.1
Host: emonitoring.poczta-polska.pl
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Content-Type: application/x-www-form-urlencoded
Origin: http://kody.poczta-polska.pl
Referer: http://kody.poczta-polska.pl/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.153 Safari/537.36
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length: 1215
Content-Type: text/html; charset=UTF-8
Date: Mon, 30 Jun 2014 03:31:59 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: Apache
X-Cnection: close
At the moment it just shows the page and it doesn't look like that form was submitted, I've also tried putting the url as: "http://emonitoring.poczta-polska.pl/wssClient.php" and just get told to enter the number.
In such cases you go to chrome, hit F12, go to network, submit the form and see what is sent to the server. I see this posted
s:fggsbnqu033gqiipemr50fer56
n:RR123456789PL
l:
If you view source you see
if (jQuery('#numer').val().length == 19) {
var numer = dodajck(jQuery('#numer').val())
} else var numer = jQuery('#numer').val();
jQuery.ajax({
type: 'post',
cache: true,
dataType: 'html',
data: ({
s: 'fggsbnqu033gqiipemr50fer56',
n: numer,
l: ''
}),
url: 'wssClient.php',
The s:.... could mean you need to have a session on their server to be able to call the wssClient - if so, you will need to CURL with sessions
If you can call their server without a session or you have a session before you call you can curl using the parm is n= and not numer= and you need to have calculated the checksum using their function which can easily be translated to PHP
function dodajck(numer) {
// dodatkowe sprawdzenia i określenie wag oraz części numeru, która
// ma zostać zważona
//String wagi;
//String doWazenia;
var wagi = "3131313131313131313";
var doWazenia = String(numer);
// wyliczenie sumy iloczynów waga * cyfra
var suma = 0;
for (var i = 0; i < 19; i++)
suma = suma + Number(doWazenia.substring(i, i + 1)) * Number(wagi.substring(i, i + 1));
// ostateczne sprawdzenia
// przykład numeru 20-cyfrowego
// 00
// 1 - rodzaj?
// 590 -- kraj 590 = PL
// 0773 -- firma 0773 = PP
// 3 -- rodzaj przesyłki
// 12345678 - numer przesyłki
// 9 - CK
// ważone są numery od 1 do 19
var ck = 10 - suma % 10;
if (ck == 10) ck = 0;
return String(numer) + String(ck);
}
The form is submitted via AJAX. To see the exact HTTP request simply fire up the developer tools in Chrome or Firefox (F12). Navigate to the 'Network' tab, and hit the submission button on their website. You should see a request being fired off. If you open it up, you will be able to see everything you need to make the request yourself - URL, Parameters and their format, HTTP header values, etc. - and the response you're supposed to get.
Hope this helps!
So i am generating form on fly and posting it to another website. The problem is that when i'am using IE form post request contains no parameters. The form outerHTML is the same in Mozilla and IE 8, so i just can not understand it does not work properly in IE 8.
Is there any way to fix ?
Here is the logic that posts generates & posts the form:
function PostForm() {
var form = AddForm();
var email = hiddenEmailCtrl.value;
var password = hiddenPasswordCtrl.value;
var checked = rememberMeCtrl.checked;
AddField(form, "email", email);
AddField(form, "password", password);
AddField(form, "remember_me", checked);
form.action = 'https://somesite.com/login';
alert(form.outerHTML);
alert(document.forms[1].outerHTML);
document.forms[1].submit();
}
function AddForm() {
var submitForm = document.createElement("form");
document.body.appendChild(submitForm);
submitForm.id = 'credentialsForm';
submitForm.method = "post";
submitForm.target = '_blank';
return submitForm;
}
function AddField(formElement, fieldName, fieldValue) {
var inputElement = null;
if (typeof (document.all) != undefined && document.all) {
inputElement = document.createElement("<input type='hidden' name='" + fieldName + "' value='" + fieldValue + "' />");
inputElement.id = fieldName;
}
else {
inputElement = document.createElement('input');
inputElement.setAttribute('type', 'hidden');
inputElement.setAttribute('name', fieldName);
inputElement.setAttribute('value', fieldValue);
inputElement.id = fieldName;
}
if (inputElement == null) return null;
formElement.appendChild(inputElement);
return inputElement;
}
And here is Mozilla request :
POST /login HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: ensiconnect.groupsite.com
Content-Length: 42
Expect: 100-continue
Connection: Keep-Alive
email=some#email.com&password=somePassword
This is IE8 request:
CONNECT somesite.com:443 HTTP/1.0
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; WOW64; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.1; .NET4.0C; .NET4.0E; AskTbF-ET/5.9.1.14019)
Proxy-Connection: Keep-Alive
Content-Length: 0
Host: ensiconnect.groupsite.com
Pragma: no-cache
IE uses a nonstandard version of document.createElement that also supports HTML code instead of a simple tag name. Since this violates the standard, and IE8 went to some length to be more compliant, it's possible IE8 only obeys the non-standard variant in quirks mode.
You should try removing the switch on document.all and pass IE8 the w3c variant in AddField. If that works then you'll need to test for IE7 rather than document.all
btw, I'm just guessing here, you'll need to test it.