I use parse.com with their expressjs framework.
I have this html form which calls my /login url with post but for some reason it gets redirected(with status code 301) to a get request to that url.
This is my html form
<html>
<head></head>
<body>
<form method="post" action="/login">
<label>Username</label>
<input name="username"></input>
<label>Password</label>
<input name="password" type="password"></input>
<input class="button" type="submit" value="Log In">
</form>
</body>
To make the question more clear i use express js with parse.com and here are the two routing defined
app.get('/login', function(req, res) {
res.send('get is called');
});
app.post('/login', function(req, res) {
res.send('post is called');
});
Now no matter what i provide in my form method i always get "get is called" in the browser on submitting the button.
I also tried to debug what is happening in by the developer console and this is what i get
I think you are using ejs template try adding all the attributes in your form as without double quotes, something like this and try
<html>
<head></head>
<body>
<form method=post action=/login>
<label>Username</label>
<input name="username"></input>
<label>Password</label>
<input name="password" type="password"></input>
<input class="button" type="submit" value="Log In">
</form>
</body>
</html>
I checked in the console and the form attributes when double quotes were added was something of this sort
<form action=""/login"" method=""POST"">
so by default the form was getting submitted as a GET request instead of a POST. I am still not sure why this is happening, just started learning express, will add more details when I get them.
Related
I am building a laboratory task for exploitation CSRF vulnerability.
I need a bot, who will visit my page and execute JS:
<html>
<head>
</head>
<body>
<form action="http://localhost:9010/csrf/register.php" method="POST" id="csrf-form">
<input type="hidden" name="login" value="casper" />
<input type="hidden" name="password" value="casper" />
<input type="submit" value="Submit request"/>
</form>
</body>
<script>document.getElementById("csrf-form").submit()</script>
</html>
I can't proceed it with PhantomJS or CasperJS.
I don't know how HTML code will look like for different students (form id attribute can be different), I just want to execute JS code on page.
CasperJS version 1.1.4 at /opt/casperjs, using phantomjs version 2.1.1
var casper = require('casper').create();
casper.start('http://127.0.0.1/mypage.html');
Since you do not know the form id attribute (and since other element attributes are specific to each student), you can use casper.fillXPath() to use general selectors to fill out and auto-submit your form.
Example:
casper.start('https://example.com/', function () {
this.fillXPath('form', {
'//form/input[#type="hidden"][1]': username,
'//form/input[#type="hidden"][2]': password,
}, true);
});
Otherwise, you can look into using casper.fill(), casper.fillSelectors(), or casper.fillLabels() if you know more information about the selectors being used in the form.
If you need to simply execute JavaScript into the Page DOM environment, you can use casper.evaluate().
Until now I gave been using Avoriaz, but I would like to use Jest now ...
found some tuts... but could not get any hint on testing my contact view component sending POST to an external urk...
<form id="contactForm" action="https://formspree.io/mysite.com" method="POST">
<div class="form-group">
<input type="hidden" name="_next" v-model="next" />
<input type="hidden" name="_language" v-model="language" />
<input type="hidden" name="_subject" value="Contact from my site" />
<input v-model="sendername" ...>
<input v-model="email" ...>
</div>
<div class="form-group">
<div class="uk-margin">
<textarea v-model="message" ...></textarea>
</div>
</div>
<button type="submit" class="btn btn-primary btn-gradient submit">Send</button>
</form>
As the external post URL is only valid for production... I would like mock it and use the _next property as a callback page url...
any useful links to put me on first tracks ?? thanks a lot for feedback
You should prevent submit and post data using axios for example and then mock axios.
<!-- the submit event will no longer reload the page -->
<form v-on:submit.prevent="onSubmit"></form>
It's an easier way to unit-test that.
We are using Google custom search engine(Paid).We are not using google search control.How to implement the Autocomplete(query Suggestions) feature programatically. Is there any specific API for autocomplete
You can easily enable autocomplete in your GSS/CSE account:
https://support.google.com/customsearch/answer/2631081?hl=en
And then wait some time for automatic autocompletitions to be generated by Google.
If "not using google search control" means "we are using plain HTML form", then try this:
<form id="searchForm" action="http://google.com/cse">
<input type="hidden" name="cx" value="013315504628135767172:d6shbtxu-uo" />
<input type="hidden" name="ie" value="UTF-8" />
<input type="text" name="q" size="31" id="searchText" />
<input type="submit" name="sa" value="Search" />
</form>
<img src="//www.google.com/cse/images/google_custom_search_smwide.gif">
<script type="text/javascript" src="//www.google.com/jsapi"></script>
<script type="text/javascript">
google.load('search', '1');
var autoCompletionOptions = {
'maxCompletions' : 3,
'styleOptions' : {
'xOffset' : 10
}};
google.setOnLoadCallback(function() {
google.search.CustomSearchControl.attachAutoCompletionWithOptions(
"013315504628135767172:d6shbtxu-uo", document.getElementById('searchText'), 'searchForm',
autoCompletionOptions);
});
</script>
Of course, autocomplete should be enabled for that GSS/CSE (like described on the link above) no matter what you are using - CSE element or HTML form.
I use jquery to show hidden form. I want to know how I can automatically show form when user click Submit and then press back button. I don't want user to click New Account again to show form after they click back button.
I have these working code currently:
<head>
<script src="https://code.jquery.com/jquery-latest.js">
</script>
<script type="text/javascript">
$(function() {
$('#register_link').click(function() {
$('#show_form').toggle();
return false;
});
});
</script>
</head>
Google
|
New Account
<div id="show_form" style="display: none;">
<form id="register_form" method="post" action="verify.php">
Username
<inputname="username" id="username" type="text">
<br>
Email
<input name="email" id="email" type="email">
<br>
<input class="button_register" type="submit" value="Create New Account"
/>
</form>
</div>
Example: http://jsfiddle.net/n9uGH/17/
Is it actually possible? Thanks in advance
There are various ways that this could be achieved, however this depends on your server-side language and or hosting environment. Here is a fairly simple widely accepted methodology that should serve your purpose.
This is based on this cookie library for jQuery https://github.com/carhartl/jquery-cookie
Using cookies you can persist the information between the two page loads.
So on your form page you would do something like this
$(function() {
$('#register_link').click(function() {
$('#show_form').toggle();
return false;
});
if($.cookie('form_submitted')){
$('#show_form').toggle();
}
});
Then on the page which appears after submitting the form you can do this
$(function() {
$.cookie('form_submitted', 'yes');
});
I need to open some URL in WebView from the source code of an another URL. I am getting source code of that URL via ScriptNotify event. That URL contains a <form /> with GET/POST request & parameters
The HTML can contain either this
<form id="pay" method="GET" target="_blank" action="https://xxxxx.com/qqq/www">
<input type="hidden" value="643" name="param1">
<input type="hidden" value="313.62" name="param2">
<input type="hidden" value="GZc6PFXOTfmY58yJyk3DTg==" name="param3">
</form>
Or this
<form id="pay" method="POST" target="_blank" action="https://xxxxx.com/qqq/www">
<input type="hidden" value="643" name="param1">
<input type="hidden" value="313.62" name="param2">
<input type="hidden" value="GZc6PFXOTfmY58yJyk3DTg==" name="param3">
</form>
Now if I have GET method then I can develop URL by parsing the source code, it will become this for our example. I can open in WebView
https://xxxxx.com/qqq/www/?param1=643¶m2=313.62¶m3=GZc6PFXOTfmY58yJyk3DTg==
How can I do same if there's POST request ?
There's no method on WebView allowing you to perform a POST request. You could do it by invoking a JavaScript function inside WebView, though. First you need to construct a web page containg the form you require and a JavaScript function submitting it:
var html =
#"<html>
<head>
<script type=""text/javascript"">
function Submit()
{
document.getElementById('pay').submit();
}
</script>
</head>
<body>
<form id=""pay"" method=""POST"" action=""https://xxxxx.com/qqq/www"">
<input type=""hidden"" value=""643"" name=""param1"">
<input type=""hidden"" value=""313.62"" name=""param2"">
<input type=""hidden"" value=""GZc6PFXOTfmY58yJyk3DTg=="" name=""param3"">
</form>
</body>
</html>";
You then navigate to this HTML string and invoke the function:
webView.NavigateToString(html);
webView.InvokeScript("Submit", null);
During tests the second call always executed before the page was actually loaded and failed because of that so I had to work around it by reacting to LoadCompleted event:
webView.LoadCompleted += WebViewOnLoadCompleted;
webView.NavigateToString(html);
private void WebViewOnLoadCompleted(object sender, NavigationEventArgs navigationEventArgs)
{
webView.LoadCompleted -= WebViewOnLoadCompleted;
webView.InvokeScript("Submit", null);
}