connecting to smarter stats through cfhttp - coldfusion

I am trying to get connected to smarter stats website by by passing the login window and load the statistics in a fancybox page
so far this is my code: but that does not seems to be working
<cfhttp method="post" url="https://stats.ezhostingserver.com/" resolveurl="true" redirect="true">
<cfhttpparam type="FORMFIELD" name="ctl00$MPH$txtUserName" value="test.ca">
<cfhttpparam type="FORMFIELD" name="ctl00$MPH$txtPassword" value="mypwd!">
<cfhttpparam type="FORMFIELD" name="ctl00$MPH$txtSiteId" value="12343">
</cfhttp>
<cfif cfhttp.statuscode EQ '200 OK'>
<cfhttp result="results" url="https://stats.ezhostingserver.com/default.aspx"/>
<cfoutput>
#results.filecontent#
</cfoutput>
</cfif>
problem is every time i load the page
http://domain.in/index.cfm
it comes back to
http://domain.in/stats/Login.aspx
I am using hostek website's stats provide for a domain

The reason your code is behaving this way is because the initial URL you have in your cfhttp tag is returning an HTTP 302 redirect. Then because you have the redirect attribute of the cfhttp tag set to true it is actually performing the redirect. Look at the documentation for that attribute:
redirect - If the response header includes a Location field AND ColdFusion receives a 300-series (redirection) status code, specifies whether to redirect execution to the URL specified in the field:
yes: redirects execution to the specified page.
no: stops execution and returns the response information in the cfhttp variable, or throws an error if the throwOnError attribute is True.
The cfhttp.responseHeader.Location variable contains the redirection path. ColdFusion follows a maximum of four redirects on a request. If there are more, ColdFusion functions as if redirect = "no".
Note: The cflocation tag generates an HTTP 302 response with the url attribute as the Location header value.
So instead of using that initial URL for your cfhttp request, try using the URL it is redirecting to. And set the redirect attribute to false. But be aware that having that attribute set to false the tag will throw an error if it gets a redirect status code so you will need to handle that.
Example:
<cfhttp method="post"
url="https://stats.ezhostingserver.com/Login.aspx"
resolveurl="true"
redirect="false">

Related

CFHTTP POST, result is image, how to save

I found a web-site that clears exif data from an image. The source can either be an uploaded picture or a URL. I thought, perhaps, I could use this with CFHTTP to do this automatically for pictures I post to my web-site. I know I can probably run my images manually through this site before I upload them to my site. Call this an exercise if you want.
Here is the code I am using, which basically matches the form source on this very simple web-site (link)
<cfhttp method="POST" url="https://www.verexif.com/en/quitar.php" result="result" >
<cfhttpparam name="foto_url" type="formfield" value="{myimageurl}">
</cfhttp>
When I CFDUMP the result, I get the following:
When I try to use DeserializeJSON(result.Filecontent), it gives me a ColdFusion error:
When I url-encode my original URL in the CFHTTP tag, the result.filecontent contains the source code of the original web-site.
As can be seen in the first image above, there is a file called 'foto_no_exif.jpg' included in the output. This is the file I need to download. How can I do this ?
In your current dump, you have the modified image, but you need to get to accesses it as binary data. You can force the file content of the request to be treated as binary data by adding the attribute getasbinary to your cfhttp tag.
Working example:
<cfset imageURL ='https://raw.githubusercontent.com/ianare/exif-samples/master/jpg/long_description.jpg'/>
<cfhttp method="get" getasbinary="yes" charset="utf-8" url="https://www.verexif.com/en/quitar.php" result="result">
<cfhttpparam name="foto_url" type="formfield" value="#imageURL#">
</cfhttp>
<cfcontent variable="#result.Filecontent#" type="image/jpg" reset="true" />
Run it on TryCF.com

Difference between header and cookie for cfhttpparam type

I am working on a ColdFusion app that authenticates to SharePoint Online and pulls some files using SharePoint's REST API as described in http://paulryan.com.au/2014/spo-remote-authentication-rest/
When I try to obtain the FormDigestValue by posting to _api/contextinfo if I set the cfhttpparam type to cookie I get a 403 forbidden, but if I pass the cookies as a header everything works but I don't understand why.
<cfhttpparam
type="header"
name="cookie"
value="rtFa=#rtFa#;FedAuth=#FedAuth#"
/>
Works but
<cfhttpparam
type="cookie"
name="rtFa"
value="#rtFa#"
/>
<cfhttpparam
type="cookie"
name="FedAuth"
value="#FedAuth#"
/>
Fails
The best way to see what is happening would be to inspect the traffic and see what is happening. Other than that, I know that the difference between using the header type and the cookie type for the cfhttpparam tag is URL encoding.
When you use the header type the value is not URL encoded.
When you use the cookie type the value is URL encoded.
So my guess would be that their API does not like when the value is URL encoded.
Document reference for cfhttpparam attributes.

How to get the filename from a cfhttp get request?

If I run the following code to get an image from Medium's site:
<cfhttp url="https://cdn-images-1.medium.com/max/600/1*3j1McX-y1rvKewzI2gWc_w.png"
method="get" useragent="#CGI.http_user_agent#" getasbinary="yes">
I then want to save the image with the same name that they used i.e. 1*3j1McX-y1rvKewzI2gWc_w.png.
How can I get the name of the file from the cfhttp request? I looked in the cfhttp.header for any sign of the content-disposition attribute but can't find it.
Assuming you are getting these URLs dynamically, why not just parse it for the filename first, then apply that to the filename attribute?
<cfset filename1 = ListLast("https://cdn-images-1.medium.com/max/600/1*3j1McX-y1rvKewzI2gWc_w.png","/") />
<cfhttp url="https://cdn-images-1.medium.com/max/600/1*3j1McX-y1rvKewzI2gWc_w.png"
method="get" useragent="#CGI.http_user_agent#" getasbinary="yes" path="whateverpath" filename="#filename1#>

Error using cfhttp to retrieve page contents from bitly url

I am using cfhttp (Lucee Server) to scrape page contents from a url in the following manner:
<cfhttp url="#libs.originalAdPage#" method="GET" />
I then place this content in a div on my page.
This code has been working for a long time.
I have a need to report on the url's that have been scraped for their content and that information is placed into another website form that is not in my control. I decided to convert the url's to shortened bitly url's. I built the process into the page to create a bitly link and return that url to replace the existing url.
If i use the page with a shortened url from linkedin the page is scraped and displayed correctly in the div.
<cfhttp url="http://bit.ly/1NPhPgc" method="GET" />
But if I do an identical cfhttp call to a Indeed.com page shorted to a bitly URL I get a connection failure error.
<cfhttp url="http://bit.ly/1RQvlim" method="GET" />[![cfdump of connection failure][1]][1]
If I open this URL directly in the browser the page is displayed correctly.
Any ideas would be greatly appreciated.
Thanks,
Michael
I don't have access to a Lucee server to test with, however cfhttp on a ColdFusion server works fine for me for both of those bitly URLs. cfhttp follows the redirect and the FileContent contains the indeed.com page as would be expected.
Have you verified what happens with the Bitly Indeed URL if you prevent cfhttp from automatically following the redirects so that you can debug and follow the redirects manually? ie
<cftry>
<cfhttp url="http://bit.ly/1RQvlim" method="GET" redirect="no" />
<cfdump var="#cfhttp.responseHeader#" />
<cfhttp url="#cfhttp.responseHeader.Location#" method="GET" />
<cfdump var="#cfhttp#" label="cfhttp2" />
<cfcatch>
<cfdump var="#cfcatch#" label="cfcatch" />
</cfcatch>
</cftry>
Indeed.com do pay attention to crawlers and user agents - just see their robots.txt for evidence of this.
Do you have access to a different server to test with in case there is something specific to Lucee's cfhttp implementation or to your IP address (eg blacklisted due to all the scraping)?
Have you tried tweaking the cfhttp useragent and/or any other headers as per How to emulate a real http request via cfhttp?

How to create a new CouchDB User without Futon or Curl?

I'm searching for a way to create a new CouchDB user without using Futon or Curl... just a straight http request.
One way I found (http://stackoverflow.com/questions/3456256/error-creating-user-in-couchdb-1-0) puts a JSON doc to "http://localhost:5984/_users/org.couchdb.user:username" to create a user.
I have attempted the following:
<cfhttp url="http://127.0.0.1/_users/org.couchdb.user:xyz_company" port="5984" method="PUT" username="#variables.couch_username#" password="#variables.couch_password#">
<cfhttpparam type="header" name="Content-Type" value="application/json">
<cfhttpparam type='body' name='org.couchdb.user:xyz_company' value='{"roles":[],"name":"xyz_company","salt":"3B33BF09-26B9-D60A-8F469D01286E9590","id":"org.couchdb.user:xyz_company","password_sha":"096EA41A5A81EA1507F2C6F7EDC364C0B82694AC","type":"user"}'>
I keep receiving the following back from Couch:
cfhttp.statuscode = 405 Method Not Allowed
cfhttp.filecontent = Method Not Allowed; The requested method PUT is not allowed for the URL /_users/org.couchdb.user:xyz_company
Any thoughts or suggestions?
UPDATE:
I edited my code based on Marcello's suggestions. I still receive the same 405 Method Not Allowed error. Here is the code now:
<cfhttp url="http://127.0.0.1/_users/org.couchdb.user:xyz_company" port="5984" method="PUT" username="#variables.couch_username#" password="#variables.couch_password#"><cfhttpparam type="header" name="Content-Type" value="application/json;charset=UTF-8"><cfhttpparam type='body' value='{"roles":[],"name":"xyz_company","salt":"3B33BF09-26B9-D60A-8F469D01286E9590","_id":"org.couchdb.user:xyz_company","password_sha":"096EA41A5A81EA1507F2C6F7EDC364C0B82694AC","type":"user"}'></cfhttp>
Any more suggestions? Thank you!
curl is a straight http request. There are other ways to create such requests: you can craft them with your browser; you can use a different program (e.g. wget); or even write your own (e.g. in Python or in JavaScript with V8 or Rhino).