i want to use https only for login form and after the user logs in send it to http .
login form is in page "a.php" and the action of login form is "b.php" .
my question is:
which one should i call: https://mysite.com/a.php or http://mysite.com/a.php
the action should be : https://mysite.com/b.php or http://mysite.com/b.php
i mean post data is send according to form page or action page protocol??
The page with input fields (a.php) should be on HTTP, while the page with authentication logic (b.php) should be on HTTPS.
In a.php there will be something like this:
<form method="post" action="https://[domain-name]/b.php">
<input type="text" name="username" />
<input type="password" name="password" />
<input type="submit" value="login" />
</form>
Related
I'm trying to scrape some data of a website using python request. I have to login to the website though first. So I found the /acounts/login/ url and when i try to post to this URL with a payload containing my username and password I get redirected to a page where I have to give consent to cookies by pressing a big green button.. How can I do this with python request? Even when I just do s.get and print the url it is already redirected to this Cookie Consent Page..
import requests
s = requests.Session()
res = s.get('https://example.nl/accounts/login/')
print(res.url)
When I inspect this cookie consent page I find the following relevant lines of HTML:
<form action="/consent?token=f1ad267c-377b-486a-b286-67ff63e3b046" method="post">
<input type="hidden" name="permissions" value="functional">
<input type="hidden" name="permissions" value="analytics">
<input type="hidden" name="permissions" value="socialMedia">
<input type="hidden" name="permissions" value="advertising">
<input type="hidden" name="permissions" value="personalization">
<input type="hidden" name="referrer" value="">
<input type="hidden" name="_csrf" value="">
<div class="buttons">
<input type="submit" data-track-click="{"contentInteractionName": "consentChange","cookiewallInitiator":"f1tm","consentChoice": {"permissions": { "advertising" : true,"analytics": true,"functional": true,"personalization": true,"socialMedia": true},"consentScreen": "front"}}" value="Ja, ik ga akkoord" data-track-click-has-click-listener="true">
Voorkeuren beheren
</div>
</form>
I don't know what to do with this.. I would like to "press" the submit button to continue to the login page..
I've an aspx form with a form tag as below and this form tag contains some sensitive info with hidden fields
<form id="payment_confirmation" target="myFrame" action='https://testsecureacceptance.cybersource.com/embedded/pay' method="post"/>
<input type="hidden" name="access_key" value="sensitivevalue1">
<input type="hidden" name="profile_id" value="sensitivevalue2">
<input type="hidden" name="transaction_uuid" value="<% Response.Write(getUUID()); %>">
<input type="hidden" name="signed_field_names" value="sensitivevalue3">
<input type="hidden" name="unsigned_field_names" value="card_type,card_number,card_expiry_date">
<input type="hidden" name="signed_date_time" value="<% Response.Write(getUTCDateTime()); %>">
<input type="hidden" name="locale" value="en">
<input type="submit" id="submit" name="submit" value="Submit"/>
</form>
When i click "Submit" it successfully post the values and user is "redirected" into the "https://testsecureacceptance.cybersource.com/embedded/pay" form but those hidden fields values are exposed to users (when they inspect the page). I can encrypt them but is there any other way i can post values and redirect from backend where values will not be exposed to users?
Thanks
In short, no. Hidden fields are only hidden from view on the screen and will always be available be available when viewing the source of the page when you are using web forms like this. You can use the viewstate, which will encode the fields and make them harder to read, but if it is truly sensitive information, you will need to properly encrypt that information.
Hope that helps.
I am new in wordpress. I have an wordpress site where Admin can add post.But when he will add a post, a GET method submission should be also done to appspot http://jhal-muri.appspot.com/sendAll?emailId=emailid&mssg=msg .
How can I do that? I know that I have to change the add_post options in admin panel of wordpress But I don't know how to do.
For Wordpress
You can declare the form as POST. Then, construct your URL string as http://jhal-muri.appspot.com/sendAll?emailId=emailid&mssg=msg where emailId and mssg parameters will automatically become GET. The rest of the input names and values will become POST.
Sample Code
<form method="post" acion="http://jhal-muri.appspot.com/sendAll?emailId=emailid&mssg=msg">
<input type="text" value="" name="emailId" />
<input type="text" value="" name="msg" />
<input type="submit" name="submit" value="Send All" />
</form>
I have a simple asp.net page where a form action is done, which it takes to the 3d party url and that will return some data as a response. How can I achieve the job done without using static form action.
Below is the form action:
<form name="theForm" method="GET" action="page.aspx" >
<input type="hidden" name="asp" value="hidden values" />
<input type="hidden" name="url" value="http://www.google.com" />
<input type="submit" name="submit" />
</form>
Thanks in Advance.
I have a child page LoginContent.aspx which contains a login form. If the user logs in he should be redirected to my Welcome.aspx page. But if I press the login button the page just reloads itself, nothing happens.
The codebehind on this page is empty. Both LoginContent.aspx and Welcome.aspx are child forms of the same master page.
<form method="post" action="~/Welcome.aspx">
Username: <input type="text" name="username" size="15" /><br />
Password: <input type="password" name="passwort" size="15" /><br />
<input type="submit" value="Login"/></p>
</form>
I know I could use the asp.net login control but I want more control over things.
You can't have nested form inside aspx page.
UPDATED:
Since ASP.NET webform doesn't allow us to have multiple form in one aspx page, thus in order to make it works, do the following:
Remove the form tag
add runat server to
the input perform redirect in the server side
.
Username: <input type="text" name="username" size="15" runat=server /><br/>
Password: <input type="password" name="passwort" size="15" runat=server /><br/>
<input type="submit" value="Login" runat=server onclick="submit_onclick" /></p>
And in the code behind:
protected void submit_onclick(object sender, Event e)
{
// do some auth stuff here
Response.Redirect("~/welcome.aspx");
}
Hope this will answer your question.. :)
If your <form> tag from your LoginContent.aspx nested inside your <form runat="server"> I would try moving it so it sits outside the server-side form and see if it works from there.
It might be worth tracking the HTTP requests in the Net panel of Firebug as well, just so you can see if it is actually making the HTTP POST request to /Welcome.aspx - it might help you pinpoint exactly where the problem is.