Hi,
I write a new thread to discuss about my closed topic with new information ( /280990-curl-post-form-issue.html )
The previous post was closed because of missing informations, I didn't have access yet to server logs.
----------------------------------------------------------------------
I'm having an issue with curl post form, I dont' understand what I'm mising. I would like to send a post command with login and password to a form.
Url of the form : (http)<MYWEBSITE>/login
Source Code of the form :
<form action="/login_check" method="post">
<input type="text" id="username" name="_username" value=""/>
<input type="password" id="password" name="_password" />
<button type="submit">Connexion</button></form>
Http Header from Firefox for the submit of the form with a correct authentification
<MYWEBSITE>/login_check
Host: fedex.gidn.recouv
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:64.0) Gecko/20100101 Firefox/64.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: fr,fr-FR;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: <MYWEBSITE>/login
Content-Type: application/x-www-form-urlencoded
Content-Length: 42
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=461c5aa04837e9adb6235b51dbdc60c1
Upgrade-Insecure-Requests: 1
_username=GOODLOGIN&_password=GOODPWD
POST: HTTP/1.1 302 Found
Date: Mon, 04 Feb 2019 13:22:15 GMT
Server: Apache
X-Powered-By: PHP/5.4.37
Set-Cookie: PHPSESSID=87cb0cfadd8a6e95cc129f94c2951f60; path=/
location: <MYWEBSITE>
Content-Length: 389
Content-Type: text/html; charset=UTF-8
Age: 0
Connection: close
Cache-Control: no-cache
Via: 1.1 akamai (ACE 5.8.2/5.8.2)
<MYWEBSITE>
Host: <MYWEBSITE>
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:64.0) Gecko/20100101 Firefox/64.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: fr,fr-FR;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: <MYWEBSITE>/login
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=87cb0cfadd8a6e95cc129f94c2951f60
Upgrade-Insecure-Requests: 1
POST: HTTP/1.1 200 OK
Date: Mon, 04 Feb 2019 13:22:15 GMT
Server: Apache
X-Powered-By: PHP/5.4.37
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Age: 0
Transfer-Encoding: chunked
Connection: close
Cache-Control: no-cache
Via: 1.1 akamai (ACE 5.8.2/5.8.2)
Php Log from a post with Firefox with a correct login :
[2019-02-04 13:50:25] security.DEBUG: Read SecurityContext from the session [] [] [2019-02-04 13:50:25] security.DEBUG: Reloading user from user provider. [] []
[2019-02-04 13:50:25] security.DEBUG: Username "GOODLOGIN" was reloaded from user provider. [] []
[2019-02-04 13:50:25] request.INFO: Matched route "FedexCoeurBundle_accueil" (parameters: "_controller": "Fedex\CoeurBundle\Controller\DefautController::indexAction", "_route": "FedexCoeurBundle_accueil") [] []
[2019-02-04 13:50:25] security.DEBUG: Write SecurityContext in the session [] []
So, I got back the parameters to create the curl command
curl -v -d "_username=GOODLOGIN&_password=GOODPWD" -H "User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:64.0) Gecko/20100101 Firefox/64.0" -H "Content-type: application/x-www-form-urlencoded" MYWEBSITE/login > curl.html
The command result :
* About to connect() to MYWEBSITE port 80 (#0)
* Trying IP... connected
* Connected to MYWEBSITE (IP) port 80 (#0)
> POST /login HTTP/1.1
> Host: MYWEBSITE
> Accept: */*
> User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:64.0) Gecko/20100101 F irefox/64.0
> Content-type: application/x-www-form-urlencoded
> Content-Length: 42
>
} [data not shown]
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 42 0 17500 --:--:-- --:--:-- --:--:-- 17500* HTTP 1.0, assume close after body
< HTTP/1.0 200 OK
< Date: Mon, 04 Feb 2019 12:54:01 GMT
< Server: Apache
< X-Powered-By: PHP/5.4.37
< Set-Cookie: PHPSESSID=4bb983672555b0264af268f5ef7c1f16; path=/
< cache-control: no-cache
< Connection: close
< Content-Type: text/html; charset=UTF-8
<
{ [data not shown]
101 11495 0 11495 0 42 99223 362 --:--:-- --:--:-- --:--:-- 98k* Closing connection #0
php symfony log from a post with Curl with a correct login :
[2019-02-04 13:55:34] security.INFO: Populated SecurityContext with an anonymous Token [] []
[2019-02-04 13:55:34] request.INFO: Matched route "login" (parameters: "_controller": "Fedex\CoeurBundle\Controller\SecuriteController::loginAction", "_route": "login") [] []
In the curl response on client side, I have the current login form, without notification of the error or the succeed, depending the login I use.
It's like the curl command doesn't send the input of the form.
I tried to connect with a wrong login, to see the difference, here the result :
Php symfony log from a post with Firefox with an incorrect login, or simply by loading the page :
[2019-02-04 13:52:33] security.INFO: Populated SecurityContext with an anonymous Token [] []
[2019-02-04 13:52:33] request.INFO: Matched route "login" (parameters: "_controller": "Fedex\CoeurBundle\Controller\SecuriteController::loginAction", "_route": "login") [] []
Php symfony log from a post with Curl with an incorrect login
[2019-02-04 13:59:20] security.INFO: Populated SecurityContext with an anonymous Token [] []
[2019-02-04 13:59:20] request.INFO: Matched route "login" (parameters: "_controller": "Fedex\CoeurBundle\Controller\SecuriteController::loginAction", "_route": "login") [] []
Thank you for your support