Re: POST message
Re: POST message
- Subject: Re: POST message
- From: email@hidden
- Date: Mon, 5 Sep 2005 14:53:46 -0600
On Sep 5, 2005, at 11:20 AM, Jan E. Schotsman wrote:
OK, I have downloaded the EtherPeek demo. The "Application Data"
for one interesting packet look like this (I have deleted the
actual addresses)
Line 1: GET /viewad/404346/houser_wisp_468x60.gif
HTTP/1.1..
Line 2: Host: ad. [.........] .net..
Line 3: Connection: keep-alive..
Line 4: Referer: http:// [........] =fast%
26&seltype1=1&pc1=6953 CA&seltype2=1&pc2=3056 GG..
Line 5: User-Agent: Mozilla/5.0 (Macintosh; U; PPC
Mac OS X; en) AppleWebKit/125.5.7 (KHTML, like Gecko) Safari/125.12..
Line 6: If-Modified-Since: Thu, 25 Aug 2005
14:20:58 GMT..
Line 7: Accept: */*..
Line 8: Accept-Encoding: gzip, deflate;q=1.0,
identity;q=0.5, *;q=0..
Line 9: Accept-Language: en, ja;q=0.92, ja-
jp;q=0.96, fr;q=0.88, de-de;q=0.85, de;q=0.81, es;q=0.77, it-
it;q=0.73, it;q=0.69, nl-nl;q=0.65, nl;q=0.62, sv-se;q=0.58,
sv;q=0.54, no-no;q=0.50, no;q=0.46, da-dk;q=0.42, da;q=0.38, fi-
fi;q=0.35, fi;q=0.31....
Premature end of decode
Line 4 looks very much like a URL I could try to download directly!
The form data are in there and no inexplicable other data.
How do I handle all these % escapes like in = etc? Just copy the
URL to download like in line 4??
You might take a look at http://php.net/tut.php and then http://
php.net/urlencode and http://php.net/urldecode, also http://php.net/
rawurlencode and http://php.net/rawurldecode. Some moron decided to
make two systems, so be careful of space being represented as + or %
20, further complicating matters. My example below encodes with ,
but is able to decode +. Also look through the php examples on how
to accept a form page and loop over the variables with $_GET
['myformvar'] and $_POST['myformvar']. It gives a lot of insights
into what goes on behind the scenes. PHP automagically decodes the
strings for you, but you can also use $_SERVER['QUERY_STRING'] to see
the original string. Oh you can use the print_r( $_GET ) command on
any variable to display an entire array.
Most people today use <form method="post"> so that the user doesn't
have to see the variables in the URL. However, there are many times
when using method="get" is better. For instance google uses:
http://google.com/search?q=test
Which allows other sites to easily build links into google's results
by appending words after "q=". I have not personally looked at how
POST is inserted into the http headers, but it should be quite simple
to parse them or insert them yourself. If a human will not be seeing
your transaction, then my advice is to use GET, since it's easier to
test your URL from a browser without having to build a bunch of
forms. Both are equally secure, since the whole transaction will be
encrypted if you use https (SSL). I just mean that nobody can see
what your GET vars are from outside if you are using a secure
transaction, if you ever get to that point. Just be careful about
the browser history, because in somewhere like a cybercafe, another
user can sit down and see what the last person was doing, even seeing
secret information in the GET string in plain text! I haven't
studied ways around this, but it seems like it would be fixed by
logging the user out of the session, but security is a whole other
can of worms, maybe someone on the list can elaborate :)
Here are some url encode utility functions I wrote in c++:
u short charToHex( u char c )
{
u short hi = c/16, lo = c - hi*16;
if( hi < 10 )
hi += '0';
else
hi += 'A' - 10;
if( lo < 10 )
lo += '0';
else
lo += 'A' - 10;
return( (hi << 8) + lo );
}
u char hexToChar( u short h )
{
u short hi = h >> 8, lo = h & 255;
if( hi >= 'a' && hi <= 'z' )
hi = 10 + hi - 'a';
else if( hi >= 'A' && hi <= 'Z' )
hi = 10 + hi - 'A';
else if( hi >= '0' && hi <= '9' )
hi -= '0';
if( lo >= 'a' && lo <= 'z' )
lo = 10 + lo - 'a';
else if( lo >= 'A' && lo <= 'Z' )
lo = 10 + lo - 'A';
else if( lo >= '0' && lo <= '9' )
lo -= '0';
return( hi*16 + lo );
}
// strings may not overlap, because url chars take up 3 bytes instead
of 1, expanding the string
// outStr may be longer than inStr
// outStr outLen will be set to 0 to terminate the string, so length
of outStr should be outLen+1
// returns number of bytes taken from inStr
long urlencode( const char *inStr, char *outStr, int outLen )
{
int len = strlen( inStr ), o = 0, total = -1;
for( int i = 0; i < len; i++ )
if( (inStr[i] >= 'a' && inStr[i] <= 'z') ||
(inStr[i] >= 'A' && inStr[i] <= 'Z') ||
(inStr[i] >= '0' && inStr[i] <= '9') ||
inStr[i] == '-' ||
inStr[i] == '_' ||
inStr[i] == 0 )
{
if( o < outLen )
{
outStr[o++] = inStr[i];
total = i;
}
else
break;
}
else
{
u short temp = charToHex( inStr[i] );
if( o+2 < outLen )
{
outStr[o++] = '%';
outStr[o++] = temp >> 8;
outStr[o++] = temp & 255;
total = i;
}
else
break;
}
outStr[o] = 0;
return( total+1 );
}
// strings may overlap, because url chars take up 3 bytes instead of
1, shrinking the string
// outStr will always be shorter than inStr
// outStr outLen will be set to 0 to terminate the string, so length
of outStr should be outLen+1
// returns number of bytes taken from inStr
long urldecode( const char *inStr, char *outStr, int outLen )
{
int len = strlen( inStr ), o = 0, total = -1;
for( int i = 0; i < len; i++ )
{
if( inStr[i] == '+' )
{
if( o < outLen )
{
outStr[o++] = ' ';
total = i;
}
else
break;
continue;
}
if( inStr[i] != '%' || inStr[i] == '-' || inStr[i] == '_' )
{
if( o < outLen )
{
outStr[o++] = inStr[i];
total = i;
}
else
break;
continue;
}
if( i + 1 < len )
{
i++;
if( i + 1 < len )
{
if( o < outLen )
{
outStr[o++] = hexToChar( (((u short) inStr[i])
<< 8) + inStr[i+1] );
total = i;
}
else
break;
i++;
}
else
if( o < outLen )
{
outStr[o++] = hexToChar( (((u short) '0') << 8)
+ inStr[i] );
total = i;
}
else
break;
}
else
break;
}
outStr[o] = 0;
return( total+1 );
}
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macnetworkprog mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden