- While many sites feed back cookies, others will send back URIs imbedding the session ID. - You may want to look at the HTTP RFC2616 and some of the other RFCs on state management and authentication. At least keep it handy.
- There can also be a variety of annoyances like silent redirections. You may need a proxy tool like Achilles to walk through and record the request-response chain and examine it afterward. Also, a general caution to keep in mind is that many sites and versions of web servers have specific idiosyncrasies that you may need to deal with. HTTP/1.1 has a lot of optimizations and complexities that you may not need. Look to HTTP/1.0 to start.
- There is no current support in Unicon for HTTPS. (I started to look at leveraging OpenSSL but have had no time). You should be able to use stunnel to open an SSL tunnel and reduce the problem to HTTP through the tunnel. I've done this before using another (defunct) tool instead of stunnel.
David
Wade Bowmer wrote:
At 04:26 AM 10/06/2003 -0700, Richard H. McCullough wrote:
For those web sites that require member login, is it possible to pass username and password in the open(http) header?
Generally, if a web browser can do it, then Unicon can do it. It's just a Simple Matter Of Programming. :-)
In practice, there are several ways a site can ask for a member login. The first and probably the simplest uses an extension of HTTP called Authentication, which is documented in the RFC. AFAICR, it requires checking for a particular response that indicates an authentication is required, then supplying an extra header in future requests to the same web server with the encoded password.
The next simplest is probably more common and involves a HTTP POST with the username and password in certain fields. Such pages usually return a HTTP Cookie which (obviously) would be sent in subsequent requests. This also requires a bit of reverse-engineering of the target page to know which fields to post!
The third and probably the hardest to do in Unicon is the second behind an HTTPS page. That requires SSL and thus encryption...
Wade Bowmer <[EMAIL PROTECTED]>
------------------------------------------------------- This SF.net email is sponsored by: Etnus, makers of TotalView, The best thread debugger on the planet. Designed with thread debugging features you've never dreamed of, try TotalView 6 free at www.etnus.com. _______________________________________________ Unicon-group mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/unicon-group
------------------------------------------------------- This SF.net email is sponsored by: Etnus, makers of TotalView, The best thread debugger on the planet. Designed with thread debugging features you've never dreamed of, try TotalView 6 free at www.etnus.com. _______________________________________________ Unicon-group mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/unicon-group
