Ideally for HTML Mail signature in Outlook Mail (windows) we use .htm file and place that file in folder Users\UserName\AppData\Roaming\Microsoft\Signatures
Lets Suppose:
HTML Markup:
<img src="someImage">
For embedding image as an attachment, I will have to use cid so the
HTML Markup changes to:
<img src="cid:0123456789">
Since this image is referencing to some cid in multipart/related.
So the referenced part would be something like this i.e
--boundary
Content-Type: image/png; name="sig.png"
Content-Disposition: inline; filename="sig.png"
Content-Transfer-Encoding: base64
Content-ID: <0123456789>
Content-Location: sig.png
base64 data
--boundary
Now my question is in which place I will have to put the above multipart/related (referenced) code?
Inside the same HTML file? like this?
From HTML5 <html5#example.com>
From: HTML5 <html5#example.com>
To: HTML5 <html5#example.com>
Subject: =?utf-8?B?SFRNTDUgRW1haWw=?=
Date: Sat, 20 Dec 2008 04:07:13 -0500
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="mixed-boundary"
--mixed-boundary
Content-Type: multipart/alternative; boundary="alternative-boundary"
--alternative-boundary
Content-Disposition: inline; filename*=UTF-8''html5_email.txt
Content-Type: text/plain; format=flowed; delsp=yes; charset=UTF-8; name*=UTF-8''html5_email.txt
Content-Transfer-Encoding: 8bit
Note: This email is an HTML-based email. However, your client doesn't support HTML or you have HTML display
turned off. Below is a text/plain alternative of the HTML version.
*HTML5 Email*
[Green square]
--
HTML5 [Christmas tree with blinking lights]
--alternative-boundary
Content-Type: multipart/related; boundary="related-boundary"
--related-boundary
Content-Disposition: inline; filename*=UTF-8''html5_email.html
Content-Type: text/html; charset=UTF-8; name*=UTF-8''html5_email.html
Content-Transfer-Encoding: 8bit
<!DOCTYPE html>
<html lang="en-US">
<head>
<meta charset="UTF-8">
<title>HTML5 Email</title>
<link rel="stylesheet" type="text/css" href="html5_email.css">
</head>
<body>
<h1>HTML5 Email</h1>
<p><img src="html5_email.png" alt="Green square"></p>
<p class="sig">--<br>HTML5 <img src="tree.gif" alt="Christmas tree with blinking lights"></p>
</body>
</html>
--related-boundary
Content-Disposition: inline; filename*=UTF-8''html5_email.css
Content-Type: text/css; charset=UTF-8; name*=UTF-8''html5_email.css
Content-Transfer-Encoding: 8bit
Content-Location: html5_email.css
#charset="UTF-8";
p, h1 {
text-align: center;
border: 2px solid #000
}
p.sig {
border: 0;
text-align: left;
color: #f00;
}
p.sig img {
vertical-align: top;
}
--related-boundary
Content-Disposition: inline; filename*=UTF-8''html5_email.png
Content-Type: image/png; name*=UTF-8''html5_email.png
Content-Transfer-Encoding: Base64
Content-Location: html5_email.png
iVBORw0KGgoAAAANSUhEUgAAAUAAAADwCAIAAAD+Tyo8AAAABGdBTUEAALGPC/xh
BQAAAAFzUkdCAK7OHOkAAAAgY0hSTQAAeiYAAICEAAD6AAAAgOgAAHUwAADqYAAA
OpgAABdwnLpRPAAAAgpJREFUeNrt00EJAAAIwMBFN7od/AkHl2CwmoCvJAADAwYG
DAwGBgwMGBgwMBgYMDBgYDAwYGDAwICBwcCAgQEDAwYGAwMGBgwMBgYMDBgYMDAY
GDAwYGDAwGBgwMCAgcHAgIEBAwMGBgMDBgYMDAYGDAwYGDAwGBgwMGBgwMBgYMDA
gIHBwICBAQMDBgYDAwYGDAwYGAwMGBgwMBgYMDBgYMDAYGDAwICBAQODgQEDAwYG
AwMGBgwMGBgMDBgYMDAYGDAwYGDAwGBgwMCAgQEDg4EBAwMGBgMDBgYMDBgYDAwY
GDAwYGAwMGBgwMBgYMDAgIEBA4OBAQMDBgYkAAMDBgYMDAYGDAwYGDAwGBgwMGBg
MDBgYMDAgIHBwICBAQMDBgYDAwYGDAwGBgwMGBgwMBgYMDBgYMDAYGDAwICBwcCA
gQEDAwYGAwMGBgwMBpYADAwYGDAwGBgwMGBgwMBgYMDAgIHBwICBAQMDBgYDAwYG
DAwYGAwMGBgwMBgYMDBgYMDAYGDAwICBAQODgQEDAwYGAwMGBgwMGBgMDBgYMDAY
GDAwYGDAwGBgwMCAgQEDg4EBAwMGBgMDBgYMDBgYDAwYGDAwYGAwMGBgwMBgYMDA
gIEBA4OBAQMDBgYMDAYGDAwYGAwMGBgwMGBgMDBgYMDAYGDAwICBAQODgQEDAwYG
DAwGBgwM3C2f1QjLwtmLSAAAAABJRU5ErkJggg==
--related-boundary
Content-Disposition: inline; filename*=UTF-8''tree.gif
Content-Type: image/gif; name*=UTF-8''tree.gif
Content-Transfer-Encoding: Base64
Content-Location: tree.gif
R0lGODlhKAA8AIMLAAD//wAhAABKAABrAACUAAC1AADeAAD/AGsAAP8zM///AP//
///M//////+ZAMwAACH/C05FVFNDQVBFMi4wAwGgDwAh+QQJFAALACwAAAAAKAA8
AAME+3DJSWt1Nuu9Mf+g5IzK6IXopaxn6orlKy/jMc6vQRy4GySABK+HAiaIoQdg
uUSCBAKAYTBwbgyGA2AgsGqo0wMh7K0YEuj0sUxRoAfqB1vycBN21Ki8vOofBndR
c1AKgH8ETE1lBgo7O2JaU2UFAgRoDGoAXV4PD2qYagl7Vp0JDKenfwado0QCAQOQ
DIcDBgIFVgYBAlOxswR5r1VIUbCHwH8HlQWFRLYABVOWamACCkiJAAehaX0rPZ1B
oQSg3Z04AuFqB2IMd+atLwUBtpAHqKdUtbwGM1BTOgA5YhBr374ZAxhAqRVLzA53
OwTEAjhDIZYs09aBASYq+94HfAq3cRt57sWDct2EvEsTpBMVF6sYeEpDQIFDdo62
BHwZApjEhjW94RyQTWK/FPx+Ahpg09GdOzoJ/ESx0JaOQ42e2tsiEYpCEFwAGi04
8g6gSgNOovD0gBeVjCPR2BIAkgOrmSNxPo3rbhgHZiMFPnLkBg2BAuQ2XdmlwK1Z
ooZu1sRz6xWlxd4U9GIHwOmdzFgCFKCERYNoeo2BZsPp0KY+A/OAfZDYWKJZLZBo
1mQXdlojvxNYiXrD8I+2uEvTdFJQksID0XjXiUwjJm6CzBVeBQgwBop1ZPpC8RKt
YN5RCpS6XiyMht093o8KcFFf/vKE0dCmaLeWYhQMwbeQaHLRfNk9o5Q13lQGklFQ
aMLFRLcwcN5qSWmGxS2jKQQFL9nEAgxsDEiwlAHaPPJWIfroo6FVEun0VkL4UABA
CAjUiIAFM2YQogzcoLCjC3HNsYB1aSBB5JFrZBABACH5BAkUAAsALAAAAAAoADwA
AwT7cMlJa3U2670x/6DkjKQXnleJrqnJruMxvq8xHDQbJEyC5yheAnh6MI5HYkgg
YNgGSo7BcGAMBNHNYGA7ELpZiyFBLg/DFvLArEBPHoAEgXDYChQP90IAoNYJCoGB
aACFhX8HBwoGegYAdHReijZoBXxmPWRYYQ8PZmSZZHmcnqBITp2jSgIBN5BVBFwC
BVkGAQJPiVV2rFCrCq1/sXUHAgQFAL45BncFNgSfW8wASoKBB59lhoVAnQqfDNCf
AJ05At5msHPiCeSqLwUBzF6nVnXSuIwvTDYGsXPhiMmSRUOWAC436HmZU+yGDQYF
81FhV+aevzUM3oHoZBD7W7Zs9VaUIhOn4pwE38p0srLCQCqSciBFUuBFGgEryj7E
Ojhg2yOG1hQMIMCEy4p8PB8llKmAIReiW040keUvmUygiexcwbWJwxUrzBDW+Thn
qLEB5UDUe0LxYwJmAhKk+pAqVLZE69qWGZpTQwG7ZISuw7uwzDFAXTXYYoJraKym
Q/HSASDpiiUFljbYitfYRtCF635yMRBUn4UA8aYclCw0shefW7gUgPxBKGPHA5pK
MpwsKy5AcmNZSIVHjdjI2eLwVZlK44IHQT8lkq7XTDznrAIEWMTErZwbsT/hQj1L
noXLV6YwS5eIJqIDf4tyLZB5Av1ZNrLzQSplrXVkOgxItBU1E+DCwC2xFZUME5dZ
c5AB9aw2jXkSQLhFIrj4xAx9szGWzwABdkGATwuAeEokW4wY24oK8MMViAjxxcc8
E0CUAYETIKAjAifgWGMI2ehBgVtCeleGEkYmeUYGEQAAIfkECRQACwAsAAAAACgA
PAADBPtwyUlrdTbrvTH/oOSMpBeeV4muqcmu4zG+r6EcNBskSoLnJ4VQCAw9ErzE
oxgSCBSGwYDJMRgOhIGAupFGsVEG12JAmpHicaU3QDPe6fHjoSAQDlIBY6leDIUD
dnp9C04DdXh3eAaEUTeKdwJRagUCBGdnW3JHmJh8XHNmWAeLDwCfRQIBA6MMiQMG
AgBcBgGSUgeuWQMAvb1MAgWruXAMrJYAUkU2wVGXDGZeAIxMCgVfaJhOVkB/PWeX
nXM5AnScSKR2dmZzqCwFUAKjo1l4XpLULNuwWXYHAHgWCYD15AXBgV+wEACg7sDA
A45oaLFy5ZKvXvYMEPCGYvvOwQOYAHRCQufFuU7/wp2Zo2AKCgPtwN3xR8/LLpcg
kg1khaVlQyw8GRAwlC8nvp2HeM5UR8CYxp05L8ay8YcplmLGtmniwCtKLFhJR9oR
amnAuBAiH9wK9G1kAgaxBCg5u6HdSUzp1LlNCqJAgZGBaC41Q6DAUAUfajm5ZUdK
v7z08ATjmKGWAltecaVTqE5oFisB/EIpSiH06IcKpQTa3JSVagPCWm7wZsgOwJkg
3xaTrJFkFgvtFHDywmt1J2iB2pC0C9x0yItnsLx1K8xdoQDYCcQ9I5KwaynaalUS
RnpBpYH4YiXoTipgIlIFtLSUFKwSBb/NtGCnb2Zl51fHo8hnhRZbSfCEKkgZkkcw
TgBgyVdxeQNRMNNMoMBOpBxFUSx+ObgYPgS1BBRss/jxxzwAqsbLRfwh1VJyF5WI
2AkIAIAAAiiUKMGMICDRXQIn6IiCW4Qs4NYZTByppBkbRAAAIf4ZQm95J3MgSGFw
cHkgSG9saWRheXMgUGFnZQA7
--related-boundary--
--alternative-boundary--
--mixed-boundary
Content-Disposition: attachment; filename*=UTF-8''example1.txt
Content-Type: text/plain; charset=UTF-8; name*=UTF-8''example1.txt
Content-Transfer-Encoding: 8bit
ï
--mixed-boundary
Content-Disposition: attachment; filename*=UTF-8''example2.txt
Content-Type: text/plain; charset=UTF-8; name*=UTF-8''example2.txt
Content-Transfer-Encoding: 8bit
ZipZamBam
--mixed-boundary--
But incorporating HTML with multipart this way results a .eml instead of .html? Can anyone help me please?
I am absolutely a newbie into this.
The image files go to a subfolder. Look at an existing Outlook signature that uses an image.
Related
I execute this curl request from command line:
curl -X POST https://www.googleapis.com/bigquery/v2/projects/projname/queries?key={AIzaSyB740elm45sh9AkpuaekZW8eJbRi_oDDAc} \
After this command, I have a list of parameters to be passed:
{
"query": "SELECT * FROM [red-road-574:TestSridevi.Trucks] LIMIT 20",
"defaultDataset": {
"datasetId": "TestSridevi",
"projectId": "red-road-574"
}
}
Bur after executing the first command itself, I get the error:
<!DOCTYPE html>
<html lang=en>
<meta charset=utf-8>
<meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">
<title>Error 411 (Length Required)!!1</title>
<style>
*{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}#media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}#media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) 0}}#media only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:150px}
</style>
<a href=//www.google.com/><span id=logo aria-label=Google></span></a>
<p><b>411.</b> <ins>That’s an error.</ins>
<p>POST requests require a <code>Content-length</code> header. <ins>That’s all we know.</ins>
Any advice on how to resolve this would be appreciated.
This will probably work:
curl -X POST -d "" https://www.googleapis.com/bigquery/v2/projects/projname/queries?key={AIzaSyB740elm45sh9AkpuaekZW8eJbRi_oDDAc}
The error message said that POST requests needs their Content-length header field filled out, which you did not provide. The -d "" switch fills out that for you. You could also just send a GET request instead, for which you don't need to provide the switch.
Here is a list of HTTP status codes:
https://en.wikipedia.org/wiki/List_of_HTTP_status_codes
The server wants you to specify the length of the request's content.
If you add -d "" onto the request CURL will send a Content-Length: 0 header.
I found this here: https://serverfault.com/questions/315849/curl-post-411-length-required
I would like to build a simple automated signer up for a website of mine.
I tried with this:
import requests
url = "http://pountex.altervista.org/registrati/"
payload = { "user": "a",
"email": "a#a.com",
"passw1": "a",
"passw2": "a" }
r = requests.post(url, data=payload)
print (r.text)
But nothing happends. The comment doesn't being created.
This is the html part of the comments form:
<input class="text-input default_field_username" name="username" maxlength="70" id="username" value="" type="text">
<input class="text-input default_field_email" name="email" maxlength="70" id="email" value="" type="email">
<input class="text-input" name="passw1" maxlength="70" id="passw1" value="" autocomplete="off" type="password">
<input class="text-input" name="passw2" maxlength="70" id="passw2" value="" autocomplete="off" type="password">
<input name="register" id="register" class="submit button" value="Registrati " type="submit">
#nander-speerstra thanks for your links, but the real problems was the http request. I've always sended:
payload = { "user": "a",
"email": "a#a.com",
"passw1": "a",
"passw2": "a" }
But after an analysis of http post request, i realized the there were these options:
Content-Disposition: form-data; name="username"
a
Content-Disposition: form-data; name="email"
a#a.com
Content-Disposition: form-data; name="passw1"
a
Content-Disposition: form-data; name="passw2"
a
Content-Disposition: form-data; name="register"
Registrati
Content-Disposition: form-data; name="action"
register
Content-Disposition: form-data; name="form_name"
unspecified
Content-Disposition: form-data; name="register_nonce_field"
5d5162e9e1
Content-Disposition: form-data; name="_wp_http_referer"
/registrati/
So the final script is:
import requests
url = "http://pountex.altervista.org/registrati/"
payload = { "username":"a",
"email":"a#a.com",
"passw1":"a",
"passw2":"a",
"register":"Registrati ",
"action":"register",
"form_name":"unspecified",
"register_nonce_field":"59cf20fe78",
"_wp_http_referer":"/registrati/?doing_wp_cron=1470266089.5451300144195556640625"
}
r = requests.post(url, params=payload)
When I click on the share button on this page, Facebook doesn't recognize the parameters I'm passing through og tags.
The problem seems to be Facebook is getting a "404" Response code, according to Open Graph Object Debuger
I checked the Response code from the page and get different results with different tools:
http://tools.seobook.com/server-header-checker/ -> 404 Not Found
http://web-sniffer.net/ -> 404 Not Found
http://httpstatus.io/ -> 200 OK
https://monitorbacklinks.com/seo-tools/http-header-status-check -> 200 OK
http://www.axandra.com/free-online-seo-tool/status-code.php -> 200 OK
If I telnet the server I get a "301 Moved Permanently" and the contents are returned correctly:
$ telnet mlgestion.es 80
Trying 46.105.153.112...
Connected to mlgestion.es.
Escape character is '^]'.
GET /es/Venta-Viviendas-Apartamento-Sur-Retamar-Almeria/59215/ HTTP/1.1
HOST: mlgestion.es
HTTP/1.1 301 Moved Permanently
Date: Thu, 05 Nov 2015 13:10:50 GMT
Server: Apache/2.2.23 (CentOS)
X-Powered-By: PHP/5.1.6
Location: //www.mlgestion.es/es/Venta-Viviendas-Apartamento-Sur-Retamar-Almeria/59215/
Vary: Accept-Encoding,User-Agent
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
950a
<!DOCTYPE HTML>
<html class="js" xml:lang="es" xmlns="http://www.w3.org/1999/xhtml" lang="es"><head>
<title>Apartamento en venta en Sur, Retamar, Almeria [Ref.59215]. 2 dormitorios</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="description" content="¿Quieres vivir en primera linea de playa a bajo coste? te presentamos este bonito apartamento ubicado en Retamar a 70 metros de la playa, en pleno paseo marítimo, residencial...">
<meta property="og:title" content="Venta Apartamento - Sur, Retamar, Almería [59215]" />
<meta property="og:image" content="http://mlgestion.es/_dat/100/44/fotos//59215/1-foto-800x535.jpg" />
<meta property="og:image:width" content="450"/>
<meta property="og:image:height" content="298"/>
<meta property="og:url" content="http://mlgestion.es/es/Venta-Viviendas-Apartamento-Sur-Retamar-Almeria/59215/" />
<meta property="og:description" content="Oportunidad en 1ª linea de playa ¿Quieres vivir en primera linea de playa a bajo coste? te pre
...
Other pages of the same site are fetched correctly (without photo) by Facebook.
I'm trying to log in one website using perl HTTP:Request and LWP:UserAgent. I added alI http headers which i found using Firebug and anyway get the error that CRFS Token is not defined
my $ua = LWP::UserAgent->new(keep_alive=>1);
$useragent->credentials('www.refer.org:80','','maila#gmail.com','pwd');
$request = HTTP::Request->new('POST','https://www.refer.org/account/signin',
HTTP::Headers->new(<add all headers found in the header>));
$response = $useragent->request($request);
print $response->as_string;
headers found by Firebug:
Request URL:https://bla/login
Request Method:POST
Status Code:200 OK
Request Headersview source
Accept:*/*
Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8,de;q=0.6
Connection:keep-alive
Content-Length:58
Content-Type:application/x-www-form-urlencoded
Cookie:logout=1364426556.61; sessionid=47b306354faa7357281a6cb1f0298df1; maestro_user=%7B%22id%22%3A%22%22%2C%22email_address%22%3A%22%22%2C%22external_id%22%3A%226c104964ceb5d7ceb4575cab729ba7aa%22%2C%22photo_24%22%3A%22%22%2C%22photo_60%22%3A%22%22%2C%22photo_120%22%3A%22%22%2C%22display_name%22%3A%22%22%2C%22full_name%22%3A%22%22%2C%22privacy%22%3A100%2C%22groups%22%3A%5B%5D%2C%22is_superuser%22%3Afalse%2C%22is_staff%22%3Afalse%2C%22identity_verified%22%3Afalse%2C%22locale%22%3A%22en_US%22%2C%22timezone%22%3A%22%22%7D; __utma=158142248.1347071395.1348726747.1364423066.1364426537.88; __utmb=158142248.4.10.1364426537; __utmc=158142248; __utmz=158142248.1348726747.1.1.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=(not%20provided); csrftoken=zUZft9KwWmmogYbjR906daJB
Host:https://www.referer.org/
Origin:https://www.referer.org/
Referer:https://www.referer.org/account/signin
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.172 Safari/537.22
X-CSRFToken:zUZft9KwWmmogYbjR906daJB
X-Requested-With:XMLHttpRequest
here is a response header in the Firebug if anybody is interested
Response Headersview source
Cache-Control:no-cache, no-store, must-revalidate
Connection:keep-alive
Content-Encoding:gzip
Content-Length:725
Content-Type:application/json
Date:Wed, 27 Mar 2013 23:23:18 GMT
Server:nginx/1.2.6
Set-Cookie:sessionid=1ac9a133760f02c6fb8c61daebe7fc6d; expires=Wed, 10-Apr-2013 23:23:18 GMT; httponly; Max-Age=1209600; Path=/
Set- Cookie:maestro_login="cuPT1ZexESKY8gOQaLRRoBzxTnS0diEitb7Dy4g9h9FwfWO4PM5ppRYnQlLFM6++HX5TcA1lrrly5Fi/ie1bjw==|mRCAxgo374DL1N6yNRkDOh6Zony+s8InBTugfXb/ovuNff0LfudF6Z6mVP2qz2zxIgZ/kGUCbgRcb7+KUEvLPGY8AWBa2wCAV71fgUaAysm5NAPEaXV0k4C5ErQhOldAMVvyTspAR2PIXT+T2GY0mUGtUUTvZ1G2PI5knDjxQ2lnLuJNjEn0knrOA9bRspfAq8RwCl1cCSO5VjmrSquRlCEUf8MdUBD9Ea3abyKpDyfFx0vMBa2QMjxzOBYGqou8UPDizbjL4E6E5axmXl+wRt+QwpZNHASTh3l3h5Q90R2bWtLWlNQdC+mOlC4p0UXsQkIed9J7WXgQXpYbFNf6R7395LNJhr8mz0lQBWRimGBmqJCfpeKtYYACeH22QtXnRkgQxx44VmZ3XbaiKGKOdL7b/2kw9tJQxFZC/5bPQwemWxmJMfLW8YZtxdcugoKACnpyENjuxlHm7Ndt36KXKIq2rZdtwP8joLYpQQdkc6g="; expires=Fri, 26-Apr-2013 23:23:18 GMT; Max-Age=2592000; Path=/
Vary:Cookie
Vary:Accept-Encoding
and the response as i executed the perl code
HTTP/1.1 403 FORBIDDEN
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Date: Thu, 28 Mar 2013 07:17:48 GMT
Server: nginx/1.2.6
Vary: Accept-Encoding
Content-Length: 1006
Content-Type: text/html; charset=utf-8
Content-Type: text/html; charset=utf-8
Client-Date: Thu, 28 Mar 2013 07:17:48 GMT
Client-Peer: xxx
Client-Response-Num: 1
Client-SSL-Cert-Issuer: /C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com,
Inc./OU=http://certificates.godaddy.com/repository/CN=Go Daddy Secure Certification
Authority/serialNumber=07969287
Client-SSL-Cert-Subject: /O=*.refer.org/OU=Domain Control Validated/CN=*.refer.org
Client-SSL-Cipher: AES256-SHA
Client-SSL-Warning: Peer certificate not verified
Title: 403 Forbidden
X-Meta-Robots: NONE,NOARCHIVE
<!DOCTYPE html>
<html lang="en">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<meta name="robots" content="NONE,NOARCHIVE">
<title>403 Forbidden</title>
<style type="text/css">
html * { padding:0; margin:0; }
body * { padding:10px 20px; }
body * * { padding:0; }
body { font:small sans-serif; background:#eee; }
body>div { border-bottom:1px solid #ddd; }
h1 { font-weight:normal; margin-bottom:.4em; }
h1 span { font-size:60%; color:#666; font-weight:normal; }
#info { background:#f6f6f6; }
#info ul { margin: 0.5em 4em; }
#info p, #summary p { padding-top:10px; }
#summary { background: #ffc; }
#explanation { background:#eee; border-bottom: 0px none; }
</style>
</head>
<body>
<div id="summary">
<h1>Forbidden <span>(403)</span></h1>
<p>CSRF verification failed. Request aborted.</p>
</div>
<div id="explanation">
<p><small>More information is available with DEBUG=True.</small></p>
</div>
</body>
</html>
i didn't use 'https:// bla/login' as the website on the link is permanently unavailable
i will try WWW:Mechanism tomorrow. But here i wonder if there are any other way to define CSRF header?
I see a lot of issues in your code:
You don't POST but GETing instead (you're not using your $req
objuect!).
You don't sending cookies to the target site but Firefox sends some
cookies.
You don't set Referer header too.
Life is short so use WWW::Mechanize instead plain LWP...
P. S. you can set headers like this:
$req->header("X-CSRFToken" => "zUZft9KwWmmogYbjR906daJB", Referer => 'http://ww
w.test.com/', "X-Requested-With" => "XMLHttpRequest");
emphasized text
I want to automatically login on a website (POST with cookie) then fill a couple of forms.
1/I tried to do it using curl, but I am not sure that is possible. At least I have not managed to do it using the
curl --cookie mycookie.txt --data "login=mylogin&password=mypassword&Button=Login" [the url of the website]
''Edit''
here is the result of the curl command (including the header --include):
Content-Type: text/html
Server: Microsoft-IIS/6.0
X-Powered-By: PHP/5.2.6
Set-Cookie: PHPSESSID=b865a8e357d4f945e576aebe4f288320; path=/
Set-Cookie: cookiename=deleted; expires=Wed, 14-Jul-2010 06:43:26 GMT
X-Powered-By: PleskWin
X-Powered-By: ASP.NET
Date: Thu, 14 Jul 2011 06:43:26 GMT
Connection: close
<html>
<head>
<title>:: Welcome ::</title>
<link rel="stylesheet" type="text/css" href="Styles/textset.css">
<script language="JavaScript" type="text/javascript">
//Begin CCS script
//Include Common JSFunctions #1-252A7665
</script>
<script language="JavaScript" src="ClientI18N.php?file=Functions.js&locale=en" type="text/javascript" charset="utf-8"></script>
<script language="JavaScript" src="HeaderFunctions.js" type="text/javascript"></script>
<script language="JavaScript" type="text/javascript">
//End Include Common JSFunctions
//_OnLoad #1-9C4F01C0
function _OnLoad()
{
var result = true;
//End _OnLoad
//Set Focus #23-D20FE9BF
if (document.forms["Login"] && document.forms["Login"].login) document.forms["Login"].login.focus();
//End Set Focus
//Close _OnLoad #1-BC33A33A
return result;
}
//End Close _OnLoad
//bind_events #1-C1F288D9
function bind_events() {
if (functionExists("header_bind_events")) header_bind_events();
if (functionExists("footer_bind_events")) footer_bind_events();
addEventHandler("", "load", _OnLoad);
}
//End bind_events
window.onload = bind_events; //Assign bind_events #1-19F7B649
//End CCS script
</script>
<link rel="stylesheet" type="text/css" href="Styles/sitename/Style.css">
</head>
...
Does anyone knows what is this CSS script that executes on load? Could it be the reason why I can't login with curl?
How can I know if it is because I am doing something wrong, or because this method cannot work (as I have read on a few posts on SO.)?
2/Another idea would be to use a tool that manipulates chrome (or any browser) to make it press the different buttons. Does this kind of software exists?
Thanks
Looks like a job for PhantomJS. As PhantomJS is built on WebKit, just like Chrome, its behavior should not be that far from Chrome's.