.NETGURU
  Search:  
NamespacesDiscussions.NET v1.1Dot Net Guru's BlogIT Certification
Extracting String Info from WebRequest Cookie
Messages   Related Types
This message was discovered on microsoft.public.dotnet.languages.csharp.

Post a new message to this list...

James Johnson
Dear C#dex,

I define a variable: HttpWebRequest webRequest and run the following
request

webRequest = WebRequest.Create(TARGET_URL) as HttpWebRequest;

The webRequest object returns values and in the debugger I can see the
value I want in the property

webRequest._ChallengedUri.AbsoluteUri;

However that property is protected and not available outside of the
debugger. Does anyone have a suggestion how I might obtain programmatic
access to the property or a similar public property that contains the
same info?

Thanks,

James J.

*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Reply to this message...
 
    
James Johnson
Dear Scott,

Here is a quote from your code in the article you referenced.

// we don't need the contents of the response, just the cookie it issues
webRequest.GetResponse().Close();

// now we can send out cookie along with a request for the protected
page
webRequest = WebRequest.Create(SECRET_PAGE_URL) as HttpWebRequest;
webRequest.CookieContainer = cookies;
responseReader = new
StreamReader(webRequest.GetResponse().GetResponseStream());

Maybe I am making an erroneous assumption here, but I assumed that
SECRET_PAGE_URL came from the cookie. Otherwise I don't know how you
get the new URL. Also I can see the response URI in the webRequest
object in the _ChallengedUri.AbsoluteUri property when I use the
debugger. That URI is the URI that I want. However, as I have
mentioned, I can't get it programmatically.

Thanks for your help,

James J.

*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Reply to this message...
 
    
Scott Allen
Hi James:

I think I might have picked a bad variable name.

In my article I knew both URLs I needed beforehand.

LOGIN_URL represents a login page with username / password textbox
controls for forms authentication.

SECRET_PAGE_URL represents a page protected by forms authentication. I
need to login before I can request the secret page succesfully. If I
don't log in the server won't let me see the page.

First I request LOGIN_URL first to get the viewstate values ASP.NET
expects me to post back. You would not nessecarily need to do this for
all sites.

Next I POST to the LOGIN_URL to simulate a user logging in with a web
browser, that is a username and password are sent as POST data for the
web application to parse out and verify. If succesful, most forms
authentication schemes will send a cookie down in the response
headers. You can think of this cookie as a ticket. The ticket gives
you access to protected pages on the site, but in order to get the
protedted pages you have to present the ticket to the server. There is
really nothing I had to get out of the cookie, I just need the cookie
so I can prove I authenticated.

In order to reach the SECRET_PAGE_URL then, which is nothing more than
some page protected by forms authentication, I send the cookie value
along with the request. The server code sees this cookie and realizes
I have succesfully logged in previously, so it responds with the HTML
for the secret page.

Am I making any sense?

--
Scott
http://www.OdeToCode.com

On Fri, 10 Sep 2004 10:54:34 -0700, James Johnson
<Click here to reveal e-mail address> wrote:

[Original message clipped]
Reply to this message...
 
    
Joerg Jooss
James Johnson wrote:
[Original message clipped]

Um... what exactly is in there you'd like to have as well?

Cheers,

--
Joerg Jooss
Click here to reveal e-mail address
Reply to this message...
 
    
James Johnson
Dear Joerg

The property

> webRequest._ChallengedUri.AbsoluteUri;

contains a uri such as "http://localhost/FirstProject/WebForm4.aspx";

I am trying to figure out how to extract that string. I have tried to
get something in a cookie container

webRequest = WebRequest.Create(TARGET_URL) as HttpWebRequest;
webRequest.Method = "POST";
webRequest.ContentType = "application/x-www-form-urlencoded";
webRequest.CookieContainer = cookies;

// write the form values into the request message
StreamWriter requestWriter = new
StreamWriter(webRequest.GetRequestStream());
requestWriter.Write(postData);
requestWriter.Close();

// we don't need the contents of the response, just the cookie it
issues
webRequest.GetResponse().Close();

System.Net.CookieCollection myCookieColl =
webRequest.CookieContainer.GetCookies(siteUri);

I can get a value for a cookie from myCookieColl in the debugger, but it
is encoded (e.g. "t0m2qf55lelfzo55xsuxdi55") and there is no exposed
Item[] property for myCookieColl that would enable me to step through
the cookies, so I am stuck at present. I can't figure out how to get a
cookie out of the collection and I can't figure out how to decode the
Value.

Thanks,

James J.

*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Reply to this message...
 
    
James Johnson
Well, I have discovered that all you have to do to reference a cookie in
a cookie collection is to provide an index directly to the cookie
collection such as:

Cookie cookie = myCookieColl[0];

However, I still face the problem of the cookie.Value being encoded. Is
it bytes? Is it encrypted? How do you deal with the value and decode
it?

Thanks,

James J.

*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Reply to this message...
 
    
Joerg Jooss
James Johnson wrote:
[Original message clipped]

If you're coming from VB.NET: You don't use the Item property in C#.
Instead, you access an item within a collection using the [] operator (aka
indexer), similar to accessing array items.

In additon to accessing a cookie by index, you can also access it by name.

Cookie cookie = myCookieColl["DeliciousCookie"];

[Original message clipped]

Cookie.Value delivers the value "as is". You have to check with the
server-side application developers how they encoded or encrypted the
value -- chances are, they're not going to tell you ;-)

Cheers,

--
Joerg Jooss
Click here to reveal e-mail address
Reply to this message...
 
    
James Johnson
How about it Scott? You are the guy that suggested that I don't need
the contents of the response, just the cookie it issues. How do I get
the Uri out of the cookie?

Thanks,

James J.

*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Reply to this message...
 
    
Scott Allen
Hi James:

I was assuming (assumptions are bad I know) from the title of the post
that the value you needed was ultimately stored in the cookie. If the
server side developers decided the cookie contents need to be
encrypted, than as Joerg pointed out you'd have to ask them about it.

I wasn't quite sure why you were trying to peek at
_ChallengedUri.AbsoluteUri, but I'm guessing now that is because you
need to know some URL, and that URL is not the TARGET_URL used when
you create the WebRequest. If the WebRequest is bouncing around
between URLs, you can set the AllowAutoRedirect property of
HttpWebRequest to false and parse the redirects yourself.

If that's not what you are looking for, perhaps you could try to
rephrase the question? I guess I'm not entirely sure what you are
looking for.

Apologies for the confusion,

--
Scott
http://www.OdeToCode.com

On Fri, 10 Sep 2004 07:12:09 -0700, James Johnson
<Click here to reveal e-mail address> wrote:

[Original message clipped]
Reply to this message...
 
    
Joerg Jooss
Joerg Jooss wrote:
[Original message clipped]

OK, I just read the entire thread again because I somehow missed James'
original posting, but I still don't get why should have
webRequest._ChallengedUri.AbsoluteUri anything to do with your cookie's
value? If you want to get retrieve local cookies, call

CookieCollection cookies = CookieContainer.GetCookies(new
Uri("http://localhost/";));

Cheers,

--
Joerg Jooss
Click here to reveal e-mail address
Reply to this message...
 
    
Joerg Jooss
James Johnson wrote:
[Original message clipped]

I just wonder why would want to extract low level implementation of the
HttpWebRequest -- what part of the request do you need to figure out that
you do not or can not control?

[Original message clipped]

CookieCollection *does* have in indexer. See
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/html/frlrfsystemnetcookiecollectionclassitemtopic.asp

Cheers,

--
Joerg Jooss
Click here to reveal e-mail address
Reply to this message...
 
    
Scott Allen
Hi James:

Are you looking for a cookie value? You can attach a CookieContainer
instance to your request and then iterate through the collection of
Cookie objects.

--
Scott
http://www.OdeToCode.com

On Thu, 09 Sep 2004 07:43:40 -0700, James Johnson
<Click here to reveal e-mail address> wrote:

[Original message clipped]
Reply to this message...
 
 
System.IO.StreamReader
System.IO.StreamWriter
System.Net.Cookie
System.Net.CookieCollection
System.Net.CookieContainer
System.Net.HttpWebRequest
System.Net.WebRequest
System.Uri




ExamGuru IT Solutions - .Net Guru is owned and operated by ExamGuru, Inc., the man behind .Net Guru. If you're in the market for bespoke software or software consultancy, why not get him and his highly trained team to help? - www.examguru.net/ITCertification
Ad


Need Dot Net Interview Questions?
Ask ExamGuru, Inc. for advice and help on Passing .Net Interviews
.Net Projects
Best-of-breed application framework for .NET projects, developed by ExamGuru, Inc. and ExamGuru IT
Free .net Help
Commission ExamGuru, Inc. and his team for your next bespoke software project
FogBUGZ
The only bug tracking system carefully crafted with one goal in mind: helping teams create great software.
Awesome Tools
If you don't know about these, you're missing out... IT Certification Questions
IT Interview Questions
Free Oracle 10g Training
MCSE Boortcamp
Cisco Study Guides
Cheap Study Guides
Exact Questions
Dot Net Interview Questions
Oracle OCP
Cheap Travel
Designer Perfumes - Wholesale Prices
Free Programming Tutorials
 
ExamGuru IT Solutions - .Net Guru is owned and operated by ExamGuru, Inc., the man behind .Net Guru. If you're in the market for bespoke software or software consultancy, why not get him and his highly trained team to help? - www.examguru.net/ITCertification
 Copyright © ExamGuru, Inc. 2001-2006
Contact Us - Terms of Use - Privacy Policy - www.dot-net-guru.com - www.examguru.net - www.oraclesource.net - www.itinterviews.net - www.examguru.net/ITCertification