Getting Login-Protected Info With CFHTTP

[lurisia]

I wrote a CF script about a year ago that logs onto an informational site at
which I am member, retrieves some information from the site, and then stores it
in my personal database. The script has been working fine until about a week
ago. I can't figure out why it's not working now...

Here is what the code does:

1. uses cfhttp to simulate a post with my username/pass to the login page

2. gets all the cookies the server sends back (session id, etc) and stores
them in a struct so that when I request further pages I can send the
appropriate cookies to the server.

3. as a test, requests the "home" login page -- that is, the default page you
see after loggin in. dumping the filecontent here confirms that my code is
still able to login successfully.

4. requests the page i'm interested in. dumping the filecontent here shows
that i have been redirected to a "you must be logged in" page.

when i login manually through a browser, i AM able to successfully go directly
from the "home" login page to the page i'm interested in, by pasting the
of-interest URL directly into the address bar once i have logged in. So that
is why i'm baffled. i've even added the http_referer as a cgi variable in case
the server was checking that. i've also identified my userAgent as IE.

Anyone have any ideas what could be going on? What is their server using to
reject me?

TIA,
lurisia

<!---login and get cookies--->
<cfhttp
url="http://www.xxxxxx.com/loginNow.cfm"
userAgent="Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; T312461; .NET
CLR 1.1.4322)"
method="post">
<cfhttpparam type = "formField" name = "username" value = "myUserName"
encoded="No">
<cfhttpparam type = "formField" name = "password" value = "myPassword"
encoded="No">
<cfhttpparam type = "formField" name="Submit" value="Log in">
</cfhttp>

<!---put the cookies in a struct to use in later http calls--->
<cfset cookies=structNew()>
<cfloop collection="#cfhttp.responseHeader['Set-Cookie']#" item="i">
<cfoutput>
<cfset temp = cfhttp.responseHeader['set-cookie'][i]>
<cfset temp = REReplace(temp, ";.*", "")>
<cfset cName = listFirst(temp,"=")>
<cfset cValue = listLast(temp,"=")>
<cfset cookies[cName] = cValue>
</cfoutput>
</cfloop>

<cfhttp
url="http://www.xxxxxx.com/membersonly/main.cfm?l=1"
userAgent="Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; T312461; .NET
CLR 1.1.4322)"

>

<cfloop collection="#cookies#" item="i">
<cfhttpparam type = "cookie" name="#i#" value="#cookies[i]#">
</cfloop>
</cfhttp>
<!---dumping the filecontent here confirms a successful login--->

<cfhttp
url="http://login1.xxxxxx.com/membersonly/search/Statistics/default.cfm"
userAgent="Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; T312461; .NET
CLR 1.1.4322)">
<cfhttpparam type = "cgi" name="referer"
value="http://www.xxxxxx.com/membersonly/main.cfm?l=1">
<cfloop collection="#cookies#" item="i">
<cfhttpparam type = "cookie" name="#i#" value="#cookies[i]#">
</cfloop>
</cfhttp>

<!---dumping the filecontent here shows that i have been denied access--->

[Neculai Macarie]

> Anyone have any ideas what could be going on? What is their server using
to

> reject me?

Check to see if there are differences between the headers you're sending and
the ones that the browsers sends (use the LiveHttpHeaders extension for
Firefox for example).

--
<mack />