Re: curl and form submission
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thu, Jun 09, 2016 at 05:34:25AM +0000, Bob wrote:
>
> On Wednesday 08 June 2016 05:01 PM, Jeremy Nicoll wrote:
> >On Wed, 8 Jun 2016, at 17:16, Bob wrote:
[...]
> Thanks for your explanation. I did "curl -c" but no luck as it
> doesn't have any cookie.
>
> curl -c mycookie " http://<link>/login1.html?a=%3F<username>%2B%2F%40&b=%3F<password>%2B%2F%40
> "
>
> # ls mycookie
> ls: cannot access 'mycookie': No such file or directory
>
> whereas I can see during curl operation
>
> [....]
>
> <body onload="load();">
> <form name="myform" method="post" action="http://<link>/login">
> <input type="hidden" name="username" />
> <input type="hidden" name="password"/>
> </form>
> </body>
>
> [/...]
The form leads explicitly to a POST request. This is one where
the data is sent in the HTTP body (and not as query parameters
in the URL, as your curl command above is trying).
Some web frameworks accept (equivalently) both variants, some
not.
Try sending as a POST request:
curl -X POST -c mycookie \
-d username=<user> -d password=<pass> \
http://<link>/login
(replacing, of course <user>, <pass>, <link> by more interesting
values. I've broken up the long line with backslashes, don't type
in those).
For more on the -d option and its cousins, look them up in the
curl man page under --data, --data-ascii, --data-binary and
friends.
Is anything in the cookiejar yet?
regards
- -- t
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEARECAAYFAldZFx8ACgkQBcgs9XrR2kZuTQCfY/gdtNzYZwKBw8P2BBqLRqaG
K4IAn35AMRryXkB+h/tNU+QLxFsjIN9j
=8a03
-----END PGP SIGNATURE-----
Reply to: