I am using a macro in Outlook VBA to submit a file via POST to a URL:
Set http = New WinHttp.WinHttpRequest
http.Open "POST", UrlToPostTo, False 'True '
http.setRequestHeader "User-Agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"
http.setRequestHeader "Content-Type", "multipart/form-data; "
http.Send data
My problem is the page that will accept the request (a file upload page, in this case) is protected by authentication - the initial request for it above will return a login page instead of the page itself.
I have tried to detect if the login page appears and if so, post the username and password as form variables (I'm hoping this is equivalent to a human typing said username and password into a page in the web browser).
So the steps are:
* request URL (include file with post).
* Check if the reponse is the login page.
* If so, then in the same http session, submit the username and password to the URL.
* If the server now processes the original post, good, otherwise I can post it again.
The code looks like:
' if the login page comes back, send credentials '
If (InStr(http.ResponseText, "j_password") > 0) Then
Dim loginData As String
loginData = "j_username=theusername&j_password=thepassword"
http.Open "POST", UrlToPostTo, False
http.setRequestHeader "User-Agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"
http.setRequestHeader "Content-Type", "multipart/form-data; "
http.Send loginData
End If
But when I do this, The http.Responsetext is just the login page still (or again?).
Any idea what I'm doing wrong? Is my plan even valid?
(This is related to trying to solve this problem )
in response to a POST request. Rather, the RFC simply states that the browser should alert the user and present an option to proceed or to cancel without reposting data to the new location. Unless you write complex server code, you can't force POST redirection and preserve posted data.
The most common ways to implement redirection logic after login are: using HTTP Referer header. saving the original request in the session. appending original URL to the redirected login URL.
In HTTP, redirection is triggered by a server sending a special redirect response to a request. Redirect responses have status codes that start with 3 , and a Location header holding the URL to redirect to. When browsers receive a redirect, they immediately load the new URL provided in the Location header.
I know this thread is ancient and I realize the OP most definitely moved on long ago. I just spent the better part of 3 evenings being humbled by this exact same problem, and this thread kept coming up when I would stop to research more so I thought I would contribute for the next guy who comes along.
The trick is:
I'm sure there's other ways, but this seemed pretty elegant to me, and I found lots of other ways to use it.
To use the OPs code example, you could make your request as planned with one exception: The EnableRedirects var, which must come after opening the connection (didn't read that anywhere, just couldn't get it to stick to a closed connection).
Good luck "next guy"!
Dim http As WinHttp.WinHttpRequest
Dim UrlToPostTo As String, UrlRedirectedTo As String
'Your initial request (assuming lots here)
Set http = New WinHttp.WinHttpRequest
http.Open "POST", UrlToPostTo, False
'Stop it from redirecting automatically, so you can capture it
http.Option(WinHttpRequestOption_EnableRedirects) = False 'You can also use the collection index instead of the pretty name
http.setRequestHeader "User-Agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"
http.setRequestHeader "Content-Type", "multipart/form-data; "
http.Send
'Now if you have an active session, you should get your desired content
'If it redirected you, you'll have a different status, header etc...
If http.status = "302" Then
Dim loginData As String
'Now lets find out where we're being pointed and POST there
'This may not be the same url you see in your address bar
UrlRedirectedTo = http.GetResponseHeader("Location")
'Also, you may have to do this again to arrive back at the intended resource
loginData = "j_username=theusername&j_password=thepassword"
http.Open "POST", UrlRedirectedTo, False
http.setRequestHeader "User-Agent", "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)"
http.setRequestHeader "Content-Type", "multipart/form-data; "
http.Send loginData
End If
Some info I found useful in the MSDN maze.
WinHttpRequest Options (MSDN)
WinHttpRequest Object (MSDN)
Cookie Handling WinHttp (MSDN)
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With