In a message dated 1/16/2006 6:54:20 A.M. Eastern Standard Time,
[EMAIL PROTECTED] writes:
>These are *all* required fields? You are sure you have not missed any
>hidden fields or some such sort?
I checked the Logon page and found the following hidden fields:
<form name="form" method="POST" action="./Login">
<input type=hidden name='viewICR' value=''>
<input type=hidden name='site' value='NFS'>
<input type=hidden name='from' value='NO'>
Could I send additional NAME-VALUE pairs to simulate these fields? It looks
like the value of the 'viewICR' field is a null ('').
Another thought. I did some research into the cookies that this site sends.
First, I cleared out all cookies and set Firefox to accept cookies from the
originating site only. Then I logged on the website and checked the cookie
cache. I found two cookies from isc.nwservicecenter.com: JSESSIONID and
WT_FPC. Note that the log only shows JSESSIONID. Out of curiosity, I again
cleared out all cookies and set Firefox to accept all cookies. This time I
got
the same two cookie names from Nationwide Service Center but also three
cookies from statse.webtrendslive.com: ACOOKIE, WT_VT_S, and WEBTRENDS_ID.
From
this little experiment, I draw two conclusions: The WebTrends cookies are not
necessary for me to view my financial balances page, however, the WT_FPC
cookie from Nationwide is necessary. (It looks like that cookie has some
connection with WebTrends even though it comes from Nationwide.)
This raises the question of how I can get my program to accept the WT_FPC
cookie as well as the JSESSIONID cookie?
>The very last thing I can think of is trying to masquerade HttpClient
>as a popular browser such as IE or Firefox. See the HttpClient
>troubleshooting guide for details
I will check into this option as well.
