After figuring out about the single header my self I found your reference to
http.protocol.single-cookie-header
But I found some weird sites that accept only single header cookies but send
multi
header cookies. By turning on http.protocol.single-cookie-header the
response headers
were missinterpreted skipping the second and later cookies.
The biggest problem with the ASPX sites was the need for
httpclient.getParams().setParameter("http.protocol.expect-continue",true);
Would it make any difference to make this the default behavior of
HttpClient?
Having looked at a number of sites, it is amazing the random combination of
<form>
Javascript and cookies implemented for login.
There was even one cookie with and .getTime() which seems to be interpreted
by
the browser as a number which is updated every second.
Certainly few sites used the Keep It Simple Stupid style.
olegk wrote:
>
>
> On Thu, 2007-11-08 at 12:51 -0800, ggcampbell wrote:
>> I have been trying to login into a variety of ASPX sites.
>> I am able to establish the https connections because I can retrieve the
>> login page from https.
>> But the form submission does not seem to work. The sites do not respond
>> with the page after
>> login.
>> I can log into the site with firefox or IE.
>>
>
> Same here. Capture HTTP requests generated by the browser using a
> traffic analyzer or a proxy, customize HttpClient to generate identical
> (compatible) requests.
>
>> Strangely, if I retreive the cookies for firefox or IE and the send them
>> to
>> the web address
>> I get back the page as if httpclient had logged in.
>>
>> I wonder if the form encoding is sending the proper format.
>>
>> On a separate issue I found that the cookies needed to be encode like:
>> Cookie: a=b; c=d; e=f
>> but
>> Cookie: a=b
>> Cookie: c=d
>> Failed
>>
>> Any ideas?
>
> Use 'http.protocol.single-cookie-header' parameter to force all cookies
> into one request header.
>
> http://jakarta.apache.org/httpcomponents/httpclient-3.x/cookies.html
>
> Hope this helps
>
> Oleg
>
>
>> I wonder if someone knows an aspx site which would just bounce
>> back the
>> form submission elements from an https POST.
>>
>> Thanks
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
--
View this message in context:
http://www.nabble.com/https-and-aspx-tf4773539.html#a13684258
Sent from the HttpClient-User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
