[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 181
  • Last Modified:

Faking a POST

I'm building a program that automates some web-research that I do on a regular basis. The prog is based around a simple telnet client and connects to various webservers to get it's info.

GET stuff is easy but even though I have the original RFC documents I cannot seem to find a good demonstration of how the POST mechanism works.

I am assuming that it uses a header with the infomation being sent to the CGI going in name = value pairs. Can anyone give me a good example of what these headers look like?

A straight dump of what a browser sends when actioning a FORM with POST method would be perfect.


Thanks
Marty
0
mravell
Asked:
mravell
  • 3
1 Solution
 
fasterCommented:
It is not in a header.

For example:

POST /test.cgi HTTTP/1.0\r\n
Content-Length: 14\r\n
\r\n
name=12&age=21

0
 
fasterCommented:
Please note that an empty line is the end of headers, then the body comes which contains the form data.  Content-Length should contain the length of the body.

Normally the request generated by browser is more complex, but the above-mentioned is the ones that really matters.

Below is a real request (when the browser uses to a proxy)

POST http://dilbert.eccs.ap:82/u/EN/dbilogin/cgi/login_main.cgi HTTP/1.0
Accept: application/vnd.ms-excel, application/msword, image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Referer: http://dilbert.eccs.ap:82/u/EN/dbilogin/cgi/login_main.cgi?URI=http%3a//dilbert.eccs.ap%3a82/p/EN/home/cgi/DBI_home.cgi
Accept-Language: en-us
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 4.01; Windows 95)
Host: dilbert.eccs.ap:82
Content-Length: 129
Pragma: No-Cache

postdata...

Refer to RFC1945 for detail.
0
 
mravellAuthor Commented:
Hi faster,

Thanks for the reply. This is exactly what I needed!

How did you get the example you included in the reply? I have another question open in C and CGI areas asking for a network sniffer utility that would have let me find this stuff out myself. If you have such a beast you could get the points from those Q's as well. (I'd still like to get my hands on such a program)


Thanks
Marty
0
 
fasterCommented:
I used my proxy server to get the request from browser, so it is not really a sniffer.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now