cfhttp - access response URL parameters

I am using <cfhttp to login to an interface (passing username and password with <cfhttpparam.

I need to access the URL variables (Query String) of the page displayed after login.  In other words.. if I login manually, after logging in, I am displayed a page which has the session id in the query string. I want to access this query string when logging in via <cfhttp.

Does anyone know if/how I can access the QueryString or URL of the page returned from a cfhttp POST request?

Many Thanks

Jason
Jay1607Asked:
Who is Participating?
 
ZvonkoConnect With a Mentor Systems architectCommented:
Not tested but check the parameter: redirect="No"
      
From description:
=======================
If the response header includes a Location field, determines whether to redirect execution to the URL specified in the field.

    * Yes redirects execution to the specified page.
    * No stops execution and returns the response information in the cfhttp variable, or throws an error if the throwOnError attribute is True.

The cfhttp.responseHeader.Location variable contains the redirection path. ColdFusion follows a maximum of four redirects on a request. If there are more, ColdFusion functions as if redirect ="no".
=======================

That mean: your queryString is after the response in the variable: cfhttp.responseHeader.Location

 
0
 
_agx_Commented:
My guess - this isn't possible with a cfhttp POST.  If you really needed the functionality, I suspect you'd need a different tool.  It might be possible with java:
http://stackoverflow.com/questions/1456987/httpclient-4-how-to-capture-last-redirect-url

If it were a GET request, you'd have options.  (But what login page would use GET? ;-)
http://www.bennadel.com/blog/934-Ask-Ben-Handling-Redirects-With-ColdFusion-CFHttp.htm



0
 
ansudhindraCommented:
May be use can you use TRACE method, insead of "GET" or "POST" method.

Using TRACE method we can get cfide and cftoken from a coldfusion server and you can use those ids to send automated requests to CF server. With cfid and cftoken you get more session details.
0
Cloud Class® Course: Certified Penetration Testing

This CPTE Certified Penetration Testing Engineer course covers everything you need to know about becoming a Certified Penetration Testing Engineer. Career Path: Professional roles include Ethical Hackers, Security Consultants, System Administrators, and Chief Security Officers.

 
_agx_Commented:
That's a good thought.  But I didn't think it works combination with POST.  AFAIK they're mutually exclusive, which might cause a problem.  I'm assuming the redirect only happens when the login is successful.  Meaning the request type would have to be a POST (with those form fields) for there to even be anything to TRACE.
0
 
_agx_Commented:
Yeah, I was thinking about that too.  But I wasn't sure the session would still be valid. Definitely worth trying though, cause I could be wrong.
0
 
Jay1607Author Commented:
Zvonko, I dropped in redirect="No", and voila!!! there was the location var with the url variable I needed!

Thank you!!
0
 
ZvonkoSystems architectCommented:
You are welcome <|:-)
0
 
_agx_Commented:
@Jay1607

So the session value referenced is still valid even though the full login (ie redirect) is canceled?  Never know when I might need this in the future, so want to verify it works as desired.
0
 
Jay1607Author Commented:
Correct.  It works exactly as needed..
0
 
Jay1607Author Commented:
Worth pointing out.. I'm not logging into a CF App.. I think it's an old Delphi app..
0
 
_agx_Commented:
@Jay1607,

Great, thanks!

Good point about the app though.  There's probably lots of different handling for sessions.  So it may well vary by platform.

Cheers
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.