[Tutor] using mechanize to authenticate and pull data out of site
Rich Lovely
roadierich at googlemail.com
Mon Dec 28 10:21:01 CET 2009
2009/12/26 Norman Khine <norman at khine.net>:
> Hello,
>
> I am trying to authenticate on http://commerce.sage.com/Solidarmonde/
> using urllib but have a problem in that there are some hidden fields
> that use javascript to create a security token which then is passed to
> the submit button and to the header.
>
> Here is the output of the LiveHeader during authentication
>
> http://paste.lisp.org/display/92656
>
> Here is what I have so far:
>
> http://paste.lisp.org/+1ZHS/1
>
>>>> print results
> But the page returned prints out that the session is out of time.
>
> Here are details of the forms:
>
> http://paste.lisp.org/+1ZHS/2
>
> Any help much appreciated.
>
> Norman
> _______________________________________________
> Tutor maillist - Tutor at python.org
> To unsubscribe or change subscription options:
> http://mail.python.org/mailman/listinfo/tutor
>
The first thing to try is to attempt to login with javascript
disabled. If it will let you do that, transfer the relevant form info
to the mechanize browser, and it should be fine.
If not, you will need to look through all of the javascript files, to
find out which one generates/receives the security token. Looking at
it, the element will be called "_xmlToken".
The "xml" suggests that it might be received over ajax, which means
you will need to find the page that it comes from, and fake an ajax
request to it - fortunately, this is just a simple http request, much
like you are already doing - it's just handled under the surface by
javascript.
--
Rich "Roadie Rich" Lovely
There are 10 types of people in the world: those who know binary,
those who do not, and those who are off by one.
More information about the Tutor
mailing list