|
You last visited: Today at 20:14
Advertisement
[C#] POST request with other data at same URL
Discussion on [C#] POST request with other data at same URL within the .NET Languages forum part of the Coders Den category.
11/25/2014, 21:31
|
#1
|
elite*gold: 0 
Join Date: Sep 2011
Posts: 417
Received Thanks: 237
|
[C#] POST request with other data at same URL
- ALL FIXED
|
|
|
|
11/25/2014, 22:58
|
#2
|
elite*gold: 0
Join Date: Apr 2010
Posts: 10,289
Received Thanks: 3,613
|
"doesn't seem to work" isn't a good error description.
Are you using a CookieContainer in your requests?
Also, please provide some more background information and code.
|
|
|
|
|
11/25/2014, 23:18
|
#3
|
elite*gold: 0
Join Date: Sep 2011
Posts: 417
Received Thanks: 237
|
Quote:
Originally Posted by Shawak
"doesn't seem to work" isn't a good error description.
Are you using a CookieContainer in your requests?
Also, please provide some more background information and code.
|
Yes I'm using a CookieContainer.
The request seems to be made, because I'm viewing the responsestream in a webbrowsercontrol now.
However it seems like it's not gettiing verified or something like that. ?Caching problem?
The variabeles, which I give the value's of the token to read from the source seem to be the right ones.
Some of my code:
Code:
//Get reloadToken & RTVT
HttpWebRequest tokReq = (HttpWebRequest)HttpWebRequest.Create(marketUrl);
tokReq.CookieContainer = cookieContainer;
tokReq.Method = "GET";
tokReq.CachePolicy = noCachePolicy;
//Grabbing source
using (StreamReader sfreader = new StreamReader(tokReq.GetResponse().GetResponseStream()))
{
marketsource = sfreader.ReadToEnd();
}
//Regex pattern's for extracting the token and RTVT from marketsource
string tokenpattern = @"(?:reloadToken.+value="")(?<Token>[^\""]+)";
string rtvtpattern = @"(?:RTVT.+value=')(?<RTVT>[^']+)";
//Extracting reloadToken and RTVT from source
string reloadToken = Regex.Match(marketsource, tokenpattern).Groups["Token"].Value;
string RTVT = Regex.Match(marketsource, rtvtpattern).Groups["RTVT"].Value;
Does a GET request at the page to store the source in a variable, then it looks with RegEx for the reloadToken and RTVT and stores those in a variable too.
Code:
bidPostData = String.Format("reloadToken=" + reloadToken + "&setBid=true&ItemID=" + ItemID + "&ItemType=" + ItemType + "¤tSelecter=all&bidAmount=" + bidAmount + "&RTVT=" + RTVT + "&ajaxAction=biddOnItem");
HttpWebRequest bidrequest = (HttpWebRequest)HttpWebRequest.Create(bidUrl);
bidrequest.CookieContainer = cookieContainer;
bidrequest.Method = "POST";
bidrequest.CachePolicy = noCachePolicy;
bidrequest.KeepAlive = true;
bidrequest.ContentLength = bidPostData.Length;
bidrequest.ContentType = "application/x-www-form-urlencoded";
bidrequest.AllowAutoRedirect = true;
bidrequest.UserAgent = "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.111 Safari/537.36";
ASCIIEncoding encoding = new ASCIIEncoding();
byte[] loginDataBytes = encoding.GetBytes(bidPostData);
bidrequest.ContentLength = loginDataBytes.Length;
Stream stream = bidrequest.GetRequestStream();
stream.Write(loginDataBytes, 0, loginDataBytes.Length);
//response
HttpWebResponse bidResp = (HttpWebResponse)bidrequest.GetResponse();
Stream datastream = bidResp.GetResponseStream();
StreamReader reader = new StreamReader(datastream);
webBrowser1.DocumentText = reader.ReadToEnd();
reader.Close();
datastream.Close();
bidResp.Close();
Does a POST request at the url and posts the required data, it works. But doing it again (a second time, I'm looking every second with a timer which time it is and when the time is right it does the request again, like once an hour). The second (same) request (but with some different info, reloadToken and RTVT) doesn't have success. And I can't find out why that's happening.
|
|
|
|
|
11/27/2014, 18:02
|
#4
|
elite*gold: 1091
Join Date: Jun 2007
Posts: 19,836
Received Thanks: 7,180
|
Have you considered that the tokens may change on every request? The page may require you to always send the last token set generated by the page.
Well, what HTTP status code do you get on the second post? I'm kinda sure the server will throw a 403 forbidden if it really expects you to send the last token and you do not.
|
|
|
|
|
11/27/2014, 21:10
|
#5
|
elite*gold: 0
Join Date: Sep 2011
Posts: 417
Received Thanks: 237
|
I'm using a GET request to find the tokens before every POST request, so every POST request it contains fresh tokens. That's why I find this so strange, because the tokens must be the right tokens.
|
|
|
|
|
11/27/2014, 21:14
|
#6
|
elite*gold: 1091
Join Date: Jun 2007
Posts: 19,836
Received Thanks: 7,180
|
Quote:
Originally Posted by Mostey
Well, what HTTP status code do you get on the second post? I'm kinda sure the server will throw a 403 forbidden if it really expects you to send the last token and you do not.
|
Get yourself a web debugger such as Fiddler4.
|
|
|
|
|
11/27/2014, 21:19
|
#7
|
elite*gold: 0
Join Date: Sep 2011
Posts: 417
Received Thanks: 237
|
Quote:
Originally Posted by Mostey
Get yourself a web debugger such as Fiddler4.
|
I have, and the request is just accepted it seems.
|
|
|
|
|
11/27/2014, 21:29
|
#8
|
elite*gold: 1091
Join Date: Jun 2007
Posts: 19,836
Received Thanks: 7,180
|
Quote:
Originally Posted by Cheating-nl
I have, and the request is just accepted it seems.
|
It seems? Just get us the response payload, the HTTP status code and other related information to your requests.
|
|
|
|
|
11/27/2014, 21:49
|
#9
|
elite*gold: 0
Join Date: Sep 2011
Posts: 417
Received Thanks: 237
|
First request:
Code:
POST http://gb1.seafight.bigpoint.com/ajax.es HTTP/1.1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.111 Safari/537.36
Referer: http://gb1.seafight.bigpoint.com/index.es?action=internalMarketplace&subact=Elite
Host: gb1.seafight.bigpoint.com
Cookie: sfrfsid=7a567b395a76273607e13add6887de22; aid=901; bptid=cceb5f194b860dc4f792ec102427d07b; acr=14; aid_fallback=901; aid_fallback_info=935; bpLandingPage_fallback=http%253A%252F%252Fgb1.seafight.bigpoint.com%252FProjectApi%252FAuthentication%253FauthUser%253D14%2526token%253DY_oYkIFEOh5EB7r1yh7ojxu7ka4Ei1_ck27lbRxW93kgWO7B-ih5x7JsEnOb7zCGpGxEHoOvOaVsZ3AKrsa3sd5Zo--LXXbdmd1usLAnv56A_DjrvD6BTdxLfi1NWOQ5QlC4n9mrbRu8xa6hEzpVi21NPJQbSdm0T0Wm3E-djf-gia3U-Ytg3h-MxUSMlU1xWXa9PQ-EhDR39dB1AeOLCkh8T-fPLt47JOI-Oxb_3f4grz0mVnVbhHue0auuRO9BIoDABAWpo5q70IooOoVguDiyrrHyuGHsEbTVmz1fkWZ-Z4QztPVHyBxtl2LxJg1wCsmdlR9AeTGB1wJSn1FWxjE8i5pelPwtAMT9Ww83hffiToIqOKv0P9sDkgjat5Pj9FOHD3EVuqtGqJ9ricaDZOFfgbLY_Wq4nv_frlFbdy7iLksYAG8Imo8K7DxSMdQpR8Ii-d3JjBAEIvI4gRJ0nyRkQyX4aypnlBj4I6Kx-G3iG1pEUo013EryL7kqZiYF5J3ds_5zRWDGP__AGJrc-yrODjdGshoKARfnsybknpGR7omc3UAPYvkfsOvja5ih6YzYZzdPwdV0wBbhqXivTo0yF-I6smPmFBha7q4R0uY0DK_LDIF5Mz8FD0C6V5U8hcP31A_Q7UFO9pyVjOSawimY3ZX8_A2yTKNUp0pBIZQMlR5gZ7Mx
Cache-Control: no-store,no-cache
Pragma: no-cache
Content-Length: 175
Expect: 100-continue
reloadToken=20a1fb27da41888e1930bb6d7ddb5f29&setBid=true&ItemID=4&ItemType=Currency¤tSelecter=all&bidAmount=2&RTVT=main7ddf0bf139b71fed8529d09d7a77&ajaxAction=biddOnItem
Second request:
Code:
POST http://gb1.seafight.bigpoint.com/ajax.es HTTP/1.1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.111 Safari/537.36
Referer: http://gb1.seafight.bigpoint.com/index.es?action=internalMarketplace&subact=Elite
Host: gb1.seafight.bigpoint.com
Cookie: RTVTmain=mainf48cee3b6b15789f58299871ee15; sfrfsid=7a567b395a76273607e13add6887de22; aid=901; bptid=cceb5f194b860dc4f792ec102427d07b; acr=14; aid_fallback=901; aid_fallback_info=935; bpLandingPage_fallback=http%253A%252F%252Fgb1.seafight.bigpoint.com%252FProjectApi%252FAuthentication%253FauthUser%253D14%2526token%253DY_oYkIFEOh5EB7r1yh7ojxu7ka4Ei1_ck27lbRxW93kgWO7B-ih5x7JsEnOb7zCGpGxEHoOvOaVsZ3AKrsa3sd5Zo--LXXbdmd1usLAnv56A_DjrvD6BTdxLfi1NWOQ5QlC4n9mrbRu8xa6hEzpVi21NPJQbSdm0T0Wm3E-djf-gia3U-Ytg3h-MxUSMlU1xWXa9PQ-EhDR39dB1AeOLCkh8T-fPLt47JOI-Oxb_3f4grz0mVnVbhHue0auuRO9BIoDABAWpo5q70IooOoVguDiyrrHyuGHsEbTVmz1fkWZ-Z4QztPVHyBxtl2LxJg1wCsmdlR9AeTGB1wJSn1FWxjE8i5pelPwtAMT9Ww83hffiToIqOKv0P9sDkgjat5Pj9FOHD3EVuqtGqJ9ricaDZOFfgbLY_Wq4nv_frlFbdy7iLksYAG8Imo8K7DxSMdQpR8Ii-d3JjBAEIvI4gRJ0nyRkQyX4aypnlBj4I6Kx-G3iG1pEUo013EryL7kqZiYF5J3ds_5zRWDGP__AGJrc-yrODjdGshoKARfnsybknpGR7omc3UAPYvkfsOvja5ih6YzYZzdPwdV0wBbhqXivTo0yF-I6smPmFBha7q4R0uY0DK_LDIF5Mz8FD0C6V5U8hcP31A_Q7UFO9pyVjOSawimY3ZX8_A2yTKNUp0pBIZQMlR5gZ7Mx
Cache-Control: no-store,no-cache
Pragma: no-cache
Content-Length: 179
Expect: 100-continue
reloadToken=55459aec3b1fed39e3ca7e4ced2d3299&setBid=true&ItemID=186&ItemType=Ammunition¤tSelecter=all&bidAmount=2&RTVT=maind3b56784546e9dab704a7cf797cc&ajaxAction=biddOnItem
First Response:
Code:
HTTP/1.1 200 OK
Date: Thu, 27 Nov 2014 20:44:00 GMT
Server: Apache
Set-Cookie: sfrfsid=7a567b395a76273607e13add6887de22; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="CAO PSA OUR"
Set-Cookie: aid=901; expires=Sat, 27-Dec-2014 20:44:00 GMT; path=/
Set-Cookie: aip=deleted; expires=Wed, 27-Nov-2013 20:43:59 GMT; path=/
Set-Cookie: aig=deleted; expires=Wed, 27-Nov-2013 20:43:59 GMT; path=/
Set-Cookie: acr=14; expires=Sat, 27-Dec-2014 20:44:00 GMT; path=/
Set-Cookie: aid=901; expires=Sat, 27-Dec-2014 20:44:00 GMT; path=/
Set-Cookie: aip=deleted; expires=Wed, 27-Nov-2013 20:43:59 GMT; path=/
Set-Cookie: aig=deleted; expires=Wed, 27-Nov-2013 20:43:59 GMT; path=/
Set-Cookie: acr=14; expires=Sat, 27-Dec-2014 20:44:00 GMT; path=/
Set-Cookie: RTVTmain=mainf48cee3b6b15789f58299871ee15
Vary: Accept-Encoding,User-Agent
Content-Length: 1327
Content-Type: text/html; charset=UTF-8
Content-Language: es
X-XTM-Node: pool-seafight-01-www-034229
Connection: Close
{"crystals":"1","pearls":"3.000","gold":"20.617","reloadtoken":"4407ca4e3b28c03b28b87dd1539db48a","state":"OK","message":null,"output":"","divupdates":{"maxBidder_CURRENCY_4":"\u2020\u0e56\u06e3\u06dc\u2666\u02d9\u0387\u0660\u2022zz777\u2022\u0660\u0387\u02d9\u2666\u2020","maxBidder_SHIPEXTENSIONS_7":"BlackBaron","maxBidder_ACTIONITEMS_30":"DutchyHunter","maxBidder_ACTIONITEMS_38":"Mina-S.F.U..","maxBidder_ACTIONITEMS_43":"zoki_uk","maxBidder_SAILS_50":"Leopar.!","maxBidder_AMMUNITION_51":"Bawdyn","maxBidder_NONPERISHABLEGOODS_51":"DutchyHunter","maxBidder_SHIPEXTENSIONS_51":"=Marijuana61=","maxBidder_WEAPONS_51":"-CaptainTR-","maxBidder_NONPERISHABLEGOODS_52":"\u2020\u0e56\u06e3\u06dc\u2666\u02d9\u0387\u0660\u2022zz777\u2022\u0660\u0387\u02d9\u2666\u2020","maxBidder_NONPERISHABLEGOODS_65":"\u2020\u0e56\u06e3\u06dc\u2666\u02d9\u0387\u0660\u2022zz777\u2022\u0660\u0387\u02d9\u2666\u2020","maxBidder_HARPOONS_75":"zoki_uk","maxBidder_NONPERISHABLEGOODS_77":"swissblade","maxBidder_AMMUNITION_120":"\u2020\u0e56\u06e3\u06dc\u2666\u02d9\u0387\u0660\u2022zz777\u2022\u0660\u0387\u02d9\u2666\u2020","maxBidder_WEAPONS_121":"\u4e42_\u3024.\u0e56\u06e3\u06dc\u0158\u01b1\u0141\u0128\u0419\u0193.\u3024_\u4e42","maxBidder_AMMUNITION_186":"\u4e42_\u3024.\u0e56\u06e3\u06dc\u0158\u01b1\u0141\u0128\u0419\u0193.\u3024_\u4e42"}}
Second Response:
Code:
HTTP/1.1 200 OK
Date: Thu, 27 Nov 2014 20:44:06 GMT
Server: Apache
Set-Cookie: sfrfsid=7a567b395a76273607e13add6887de22; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="CAO PSA OUR"
Set-Cookie: aid=901; expires=Sat, 27-Dec-2014 20:44:06 GMT; path=/
Set-Cookie: aip=deleted; expires=Wed, 27-Nov-2013 20:44:05 GMT; path=/
Set-Cookie: aig=deleted; expires=Wed, 27-Nov-2013 20:44:05 GMT; path=/
Set-Cookie: acr=14; expires=Sat, 27-Dec-2014 20:44:06 GMT; path=/
Set-Cookie: aid=901; expires=Sat, 27-Dec-2014 20:44:06 GMT; path=/
Set-Cookie: aip=deleted; expires=Wed, 27-Nov-2013 20:44:05 GMT; path=/
Set-Cookie: aig=deleted; expires=Wed, 27-Nov-2013 20:44:05 GMT; path=/
Set-Cookie: acr=14; expires=Sat, 27-Dec-2014 20:44:06 GMT; path=/
Set-Cookie: RTVTmain=main0607cd8ed5f93edb682b35d90762
Vary: Accept-Encoding,User-Agent
Content-Length: 1327
Content-Type: text/html; charset=UTF-8
Content-Language: es
X-XTM-Node: pool-seafight-01-www-042103
Connection: Close
{"crystals":"1","pearls":"3.000","gold":"20.617","reloadtoken":"672a14a2bbd096c8819a249699af6a3c","state":"OK","message":null,"output":"","divupdates":{"maxBidder_CURRENCY_4":"\u2020\u0e56\u06e3\u06dc\u2666\u02d9\u0387\u0660\u2022zz777\u2022\u0660\u0387\u02d9\u2666\u2020","maxBidder_SHIPEXTENSIONS_7":"BlackBaron","maxBidder_ACTIONITEMS_30":"DutchyHunter","maxBidder_ACTIONITEMS_38":"Mina-S.F.U..","maxBidder_ACTIONITEMS_43":"zoki_uk","maxBidder_SAILS_50":"Leopar.!","maxBidder_AMMUNITION_51":"Bawdyn","maxBidder_NONPERISHABLEGOODS_51":"DutchyHunter","maxBidder_SHIPEXTENSIONS_51":"=Marijuana61=","maxBidder_WEAPONS_51":"-CaptainTR-","maxBidder_NONPERISHABLEGOODS_52":"\u2020\u0e56\u06e3\u06dc\u2666\u02d9\u0387\u0660\u2022zz777\u2022\u0660\u0387\u02d9\u2666\u2020","maxBidder_NONPERISHABLEGOODS_65":"\u2020\u0e56\u06e3\u06dc\u2666\u02d9\u0387\u0660\u2022zz777\u2022\u0660\u0387\u02d9\u2666\u2020","maxBidder_HARPOONS_75":"zoki_uk","maxBidder_NONPERISHABLEGOODS_77":"swissblade","maxBidder_AMMUNITION_120":"\u2020\u0e56\u06e3\u06dc\u2666\u02d9\u0387\u0660\u2022zz777\u2022\u0660\u0387\u02d9\u2666\u2020","maxBidder_WEAPONS_121":"\u4e42_\u3024.\u0e56\u06e3\u06dc\u0158\u01b1\u0141\u0128\u0419\u0193.\u3024_\u4e42","maxBidder_AMMUNITION_186":"\u4e42_\u3024.\u0e56\u06e3\u06dc\u0158\u01b1\u0141\u0128\u0419\u0193.\u3024_\u4e42"}}
|
|
|
|
|
11/27/2014, 22:08
|
#10
|
elite*gold: 1091
Join Date: Jun 2007
Posts: 19,836
Received Thanks: 7,180
|
And where is the response?
|
|
|
|
|
11/27/2014, 22:12
|
#11
|
elite*gold: 0
Join Date: Sep 2011
Posts: 417
Received Thanks: 237
|
Quote:
Originally Posted by Mostey
And where is the response?
|
I've edited my post.
|
|
|
|
|
11/28/2014, 12:18
|
#12
|
elite*gold: 1091
Join Date: Jun 2007
Posts: 19,836
Received Thanks: 7,180
|
The reload tokens do not match. You are sending the request providing the token from an unknown source. Then, the server replies to this request and also provides a reload token in the response. You may need to send the token supplied by the server in the next request - otherwise the server may detect that you are not accessing the resource through a common webbrowser (since there is probably some javascript send on the first request that does the token handling)
This may also apply to other tokens or challenges.
|
|
|
|
|
11/28/2014, 15:56
|
#13
|
elite*gold: 0
Join Date: Sep 2011
Posts: 417
Received Thanks: 237
|
Quote:
Originally Posted by Mostey
The reload tokens do not match. You are sending the request providing the token from an unknown source. Then, the server replies to this request and also provides a reload token in the response. You may need to send the token supplied by the server in the next request - otherwise the server may detect that you are not accessing the resource through a common webbrowser (since there is probably some javascript send on the first request that does the token handling)
This may also apply to other tokens or challenges.
|
Hmm yes, you could be right in that, in the original page the request is made by javascript. So yes, the server sends new reloadTokens to the page ofcourse because it's javascript.
But, I already tried to do another request like ~5 seconds after the first bidRequest to another page, so the javascript sended token must be gone, than another GET request to take the 'new' reloadToken's just from the pagesource, so it should be fresh reloadToken's right?
This is how the pagesource reloadTokens like before my first bid:
Code:
<input name="reloadToken" value="f5b2374edb3c05b125b68907b1d604a4" type="hidden">
<input name="RTVT" value="main7bd97eca81fbfaaf44cc5b53f58a" type="hidden"></form>
This is how they look after the first bid, so before the second bid:
Code:
<input name="reloadToken" value="4e4e777ad53c52366bd9261d5e3720d7" type="hidden">
<input name="RTVT" value="main7bd97eca81fbfaaf44cc5b53f58a" type="hidden">
I noticed the reloadToken changed, but the RTVT was still the same.
However, in my program I completly reload the bid-page to grab some new reloadToken and RTVT:
This is what happens why I reload the page:
Code:
<input name="reloadToken" value="194b401eee9d96bac4b956c5f0efba9c" type="hidden">
<input name="RTVT" value="mainaf2cd2ed44a3bfecf41ca6cc283d" type="hidden">
So I completely receive a new reloadToken and RTVT, but when doing this in my tool it still not works and at the webpage itself it works like it should do.
Maybe I only should do the second GET request of the pagesource at the reloadToken and not the RTVT?
I have currently no time to test it, doing this tonight or tomorrow.
Thanks for your help so far 
|
|
|
|
|
12/02/2014, 21:46
|
#14
|
elite*gold: 0
Join Date: Apr 2010
Posts: 10,289
Received Thanks: 3,613
|
Are you using the reload token to get your new token or are you just reloading the page? If so, you should consider to get a new token using your reloadToken (which may could change after usage).
|
|
|
|
|
03/23/2015, 22:27
|
#15
|
elite*gold: 0
Join Date: Sep 2011
Posts: 417
Received Thanks: 237
|
I'm replying to this thread again as I'm still/again struggling with this problem.
I've suspended the project for some time a decided to continue it.
How it theoretically works right now:
- The user adds items to a ListBox which my program should bid on.
- When clicked at the button a For Each loop will loop through the ListBox and will bid on every Item in the ListBox
How a single (bid)request looks like right now: (this bidrequest is done for each item in the listbox)
- The first thing it does is do a GET request at the market-page and grab the sourcecode
- Then with some regex it extracts the RTVT and the reloadToken from the source
- Then it sends a POST request with the extracted RTVT and reloadToken
EDIT: Fixed
|
|
|
|
All times are GMT +1. The time now is 20:15.
|
|
![[C#] POST request with other data at same URL](https://www.elitepvpers.com/forum/iconimages/net-languages/c-post-request-other-data-same-url_ltr.gif){kind=small}
