Post fails with 302, returns same page

Tue, 19 Aug 2003 19:39:25 -0700 

Am trying to automate access to a site which allows file upload. The 1st
page is for login. The 2nd page is for file upload, which loads upon
successful login from page 1. Code for these pages is written for .NET and
running on IIS 6 (domain names changed to protect the guilty in code below).

I've used the Perl & LWP book as a guide and done everything I can think of
to post the form for the 1st page (like taking care of cookies, adding
authentic UA headers, adding Referrer) but it keeps spitting back the same
login page with a 302 status code. Login works fine in any browser I try
(IE, Safari, Camino).

Below are details of the login page form, my perl code to access it, and the
response headers for the failed post. I've about exhausted my resources on
this and would appreciate any info on how to make this work.

TIA


----------------------------------------------------------------------------

************************************
The login page form has these fields
************************************

    name = __VIEWSTATE, type = hidden
    UcLogin1:txtUsername, type = text
    UcLogin1:txtPassword, type = text
    UcLogin1:cmdLogin, type = submit

It also sets these cookies:
.AUTHCOOKIE=3A3559513B6D1445231E8DF5BEBA661CE4D7CEEEFEB5FE08C9E025AE37697BFF
F7AC2DB7C411E0043B6447400A5C29A1CD776B2BF2566EB18CB12021218C8C87E76FB226B1DB
A587; path="/"; domain="acme.com"; path_spec; discard; version=0

ASP.NET_SessionId=aol32cirlssfxoedaunelz55; path="/"; domain="acme.com";
path_spec; discard; version=0

ASP.NET_SessionId=1z42nverpm5alkfkryntkk3t; path="/"; domain="www.acme.com";
path_spec; discard; version=0


************
My perl code
************

use LWP::UserAgent;

$browser = LWP::UserAgent->new;

$browser->cookie_jar( {} );            # enable cookies
$response = $browser->get("https://www.acme.com/file/";);
$doc = $response->content;
$doc =~ m/name="__VIEWSTATE" value="(.*?)"/;    # grab hidden viewstate form
variable and add to $form_vars
$viewstate = $1;

$https_url = 
'https://acme.com/file/login.aspx?ReturnUrl=%2ffile%2findex.aspx'; # form
action
%form_headers =  (
    'Referer' => 
'https://acme.com/File/login.aspx?ReturnUrl=%2ffile%2findex.aspx',
    'User-Agent' => 'Mozilla/4.76 [en] (Win98; U)',
    'Accept-Language' => 'en-US',
    'Accept-Charset' => 'iso-8859-1,*,utf-8',
    'Accept-Encoding' => 'gzip',
    'Accept' => "image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
image/png, */*",
    );
    
push(@$form_vars, '__VIEWSTATE'  => $viewstate);
# hidden var
push(@$form_vars, 'UcLogin1:txtUsername'  => 'uname');
# username
push(@$form_vars, 'UcLogin1:txtPassword'  => 'pword');
# password
push(@$form_vars, 'UcLogin1:cmdLogin'  => 'Login');
# named submit button with value

$response = $browser->post($https_url, $form_vars, %form_headers);
# post login form  
$doc = $response->content;
print $doc;

**************************
Returned headers from post
**************************
'_headers' => HTTP::Headers=HASH(0x9b6d60)
   'cache-control' => 'private'
   'client-date' => 'Wed, 20 Aug 2003 00:29:23 GMT'
   'client-response-num' => 1
   'client-ssl-cert-issuer' => '/C=GB/O=Comodo Limited/OU=Comodo Trust
Network/OU=Terms and Conditions of use:
http://www.comodo.net/repository/OU=(c)2002 Comodo Limited/CN=Comodo Class 3
Security Services CA'
   'client-ssl-cert-subject' =>
'/C=US/2.5.4.17=46615/ST=Florida/L=Orlando/2.5.4.9=ORLANDO/2.5.4.9=3024
FLAMINGO AVE./O=ACME Inc/OU=ACME Inc/OU=InstantSSL Pro/CN=www.acme.com'
   'client-ssl-cipher' => 'RC4-MD5'
   'client-ssl-warning' => 'Peer certificate not verified'
   'content-length' => 2993
   'content-type' => 'text/html; charset=utf-8'
   'date' => 'Wed, 20 Aug 2003 00:29:24 GMT'
   'location' => '/file/index.aspx'
   'microsoftofficewebserver' => '5.0_Pub'
   'server' => 'Microsoft-IIS/6.0'
   'set-cookie' => ARRAY(0x36c2c0)
      0  'ASP.NET_SessionId=aol32cirlssfxoedaunelz55; path=/'
      1  
'.AUTHCOOKIE=3A3559513B6D1445231E8DF5BEBA661CE4D7CEEEFEB5FE08C9E025AE37697BF
FF7AC2DB7C411E0043B6447400A5C29A1CD776B2BF2566EB18CB12021218C8C87E76FB226B1D
BA587; path=/'
   'title' => 'Object moved'
   'x-aspnet-version' => '1.1.4322'
   'x-powered-by' => 'ASP.NET'
'_msg' => 'Found'
'_protocol' => 'HTTP/1.1'
'_rc' => 302
'_request' => HTTP::Request=HASH(0x988a34)
   '_content' => 
'__VIEWSTATE=dDwxNjEzNDcwNTY3Ozs%2BL8uvsmCZLzJf4Is91Q%2FsUSKiZxk%3D&UcLogin1
%3AtxtUsername=tasbill&UcLogin1%3AtxtPassword=tasbill&UcLogin1%3AcmdLogin=Lo
gin'
   '_headers' => HTTP::Headers=HASH(0x98a75c)
      'accept' => 'image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
image/png, */*'
      'accept-charset' => 'iso-8859-1,*,utf-8'
      'accept-encoding' => 'gzip'
      'accept-language' => 'en-US'
      'content-length' => 154
      'content-type' => 'application/x-www-form-urlencoded'
      'referer' => 
'https://acme.com/File/login.aspx?ReturnUrl=%2ffile%2findex.aspx'
      'user-agent' => 'Mozilla/4.76 [en] (Win98; U)'
   '_method' => 'POST'
   '_uri' => URI::https=SCALAR(0x9604b8)
      -> 'https://acme.com/file/login.aspx?ReturnUrl=%2ffile%2findex.aspx'



-- 
Randall Perry
sysTame

Xserve Web Hosting/Co-location
Website Development/Promotion
Mac Consulting/Sales

http://www.systame.com/

Reply via email to