I am trying to put a button on my shiny app which calls out external website though a form/post request. The input values will change but here is a real example.
Example:
<form action="http://toppgene.cchmc.org/CheckInput.action" method="post">
<input type="hidden" name="query" value="TOPPFUN">
<input type="hidden" id="type" name="type" value="HGNC">
<input type="hidden" name="training_set" id="training_set" value="EGFR">
<input type="submit" class="mybutton">
</form>
PS: cross posted on shiny-discuss google group link
Thanks!
-Abhi
Related
I am building a script that is downloading a zip file and placing it on my desktop. The script works fine except the link to the zip file is taking me to a terms and condition site in order to download it.
I have the below form:
<form action="https://powhatan.iiie.disa.mil/TOUbanneraccept.asp">
<input name="HTTP_REFERER" type="hidden" value="http://iase.disa.mil/stigs/compilations/Pages/index.aspx">
<input name="HTTP_HOST" type="hidden" value="powhatan.iiie.disa.mil">
<input name="SERVER_NAME" type="hidden" value="powhatan.iiie.disa.mil">
<input name="URL" type="hidden" value="/TOUbanner.asp">
<input name="SCRIPT_NAME" type="hidden" value="/TOUbanner.asp">
<input name="PATH_INFO" type="hidden" value="/TOUbanner.asp">
<input name="Destination" type="hidden" value="">
<input name="OriginalURL" type="hidden" value="https://powhatan.iiie.disa.mil/stigs/downloads/zip/FOUO_SRG-STIG_Library_2017_04.zip">
<input name="RewriteURL" type="hidden" value="">
<input name="Accept" style="width: 150px;" type="submit" value="I ACCEPT">
</form>
I am trying to create a query string to accept the webpage terms so that my download will continue but my query string is not working. From what i researched I came up with:
https://powhatan.iiie.disa.mil/TOUbanneraccept.asp/?HTTP_REFERER=http://iase.disa.mil/stigs/compilations/Pages/index.aspx&HTTP_HOST=powhatan.iiie.disa.mil&SERVER_NAME=powhatan.iiie.disa.mil&URL=/TOUbanner.asp&SCRIPT_NAME=/TOUbanner.asp&OriginalURL=https://powhatan.iiie.disa.mil/stigs/downloads/zip/FOUO_SRG-STIG_Library_2017_04.zip&Accept=I%20ACCEPT
I even tried
https://powhatan.iiie.disa.mil/TOUbanneraccept.asp?Accept=I%20ACCEPT
When I try either one I get a Error 404 page as if the page does not exist. I have to do this because it will be included in a VBA macro.
Can anyone tell me what I am doing wrong or what may going on here?
This question already has answers here:
What's the point of having hidden input in HTML? What are common uses for this?
(12 answers)
Closed 5 years ago.
Full code:
<form accept-charset="UTF-8" action="/" method="get">
<div style="margin:0;padding:0;display:inline">
<input name="utf8" type="hidden" value="✓" />
</div>
<label for="first">First name:</label>
<input id="first" name="first" type="text" value="Steve" /><br/>
<label for="last">Last name:</label>
<input id="last" name="last" type="text" value="Jobs" /><br/>
<input name="commit" type="submit" value="Submit" />
</form>
<div style="margin:0;padding:0;display:inline">
<input name="utf8" type="hidden" value="✓" />
</div>
I'm reading the code from another people. I don't understand why he made a fake input field here. Is it for the css purpose?
Hidden fields are used programatically, to pass information about the current page to the server.
Hidden fields can also be used to pass information back to scripts. This may include security tokens, or the name of the relevant row in the database. The user does not need to see this data, but it is passed back to the server on submission so that scripts function correctly behind the scenes.
I've an aspx form with a form tag as below and this form tag contains some sensitive info with hidden fields
<form id="payment_confirmation" target="myFrame" action='https://testsecureacceptance.cybersource.com/embedded/pay' method="post"/>
<input type="hidden" name="access_key" value="sensitivevalue1">
<input type="hidden" name="profile_id" value="sensitivevalue2">
<input type="hidden" name="transaction_uuid" value="<% Response.Write(getUUID()); %>">
<input type="hidden" name="signed_field_names" value="sensitivevalue3">
<input type="hidden" name="unsigned_field_names" value="card_type,card_number,card_expiry_date">
<input type="hidden" name="signed_date_time" value="<% Response.Write(getUTCDateTime()); %>">
<input type="hidden" name="locale" value="en">
<input type="submit" id="submit" name="submit" value="Submit"/>
</form>
When i click "Submit" it successfully post the values and user is "redirected" into the "https://testsecureacceptance.cybersource.com/embedded/pay" form but those hidden fields values are exposed to users (when they inspect the page). I can encrypt them but is there any other way i can post values and redirect from backend where values will not be exposed to users?
Thanks
In short, no. Hidden fields are only hidden from view on the screen and will always be available be available when viewing the source of the page when you are using web forms like this. You can use the viewstate, which will encode the fields and make them harder to read, but if it is truly sensitive information, you will need to properly encrypt that information.
Hope that helps.
I am trying to incorporate a reservation widget within my wordpress install and I have everything working fine except sending the data or it not populating on the other sites form. The site I am trying to send data to is an online reservation software: http://www.directinn.com/demo/
Here is how I am doing my form:
<form name="bookingform" action="http://www.directinn.com/demo" method="get" target="_blank">
<input type="text" name="date1" id="Text1" class="ftxt MyDate three columns" maxlength="10" value="" placeholder="Arrival Date"/>
<input type="text" name="date2" id="Text2" class="ftxt MyDate three columns" maxlength="10" value="" placeholder="Departure Date" />
<input type="submit" name="bookingformsubmit" class="book-now" value="Book Now">
<input type="hidden" name="arrivalDay" value="" />
<input type="hidden" name="arrivalMonth" value="" />
<input type="hidden" name="arrivalYear" value="" />
<input type="hidden" name="departureDay" value="" />
<input type="hidden" name="departureMonth" value="" />
<input type="hidden" name="departureYear" value="" />
<input type="hidden" name="numAdults" value="1" />
Any help would be greatly appreciated ;)
So they are saying if you can iFrame in their Form on your page and if you add the USERNAME for example to the URL, your USERNAME will appear on the invoice. Like this I believe:
http://www.directinn.com/iframefull.html/BOB
I do not think you can make your own form and POST to their page. I see no indication that that is possible from the link you posted of the example.
The code you have will submit a load of Query String data to the receiving site.
The target site may implement some type of cross-site posting prevention which is causing the blockage - or they may ignore your query string parameters entirely.
I have a simple asp.net page where a form action is done, which it takes to the 3d party url and that will return some data as a response. How can I achieve the job done without using static form action.
Below is the form action:
<form name="theForm" method="GET" action="page.aspx" >
<input type="hidden" name="asp" value="hidden values" />
<input type="hidden" name="url" value="http://www.google.com" />
<input type="submit" name="submit" />
</form>
Thanks in Advance.