Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Groups
  • Search
  • Get Qt Extensions
  • Unsolved
Collapse
Brand Logo
  1. Home
  2. Qt Development
  3. General and Desktop
  4. QtNetworkRequest, GET request on a local GUI interface
Forum Updated to NodeBB v4.3 + New Features

QtNetworkRequest, GET request on a local GUI interface

Scheduled Pinned Locked Moved Unsolved General and Desktop
6 Posts 2 Posters 1.3k Views 1 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • I Offline
    I Offline
    itsmaxdd
    wrote on last edited by
    #1

    i'm using QNetworkRequest in order to issue a simple GET request to my router interface. Basically if the post data is empty i issue a GET otherwise i will issue a POST. Let's stick with the GET

    QString url=ui->lineEdit_url->text();
    QString paras=ui->pTextEdit_paras->toPlainText();
    qDebug()<< "paras" << paras;
    QByteArray post_data;
    post_data.append(paras);
    QNetworkRequest request = QNetworkRequest(QUrl(url));
    request.setRawHeader("Content-Type", "application/x-www-form-urlencoded");
    if(post_data.isEmpty())
    {
        //nam->head(request);
        nam->get(request);
    }
    else
    {
        nam->post(request,post_data);
    }
    
    ...
    connect(nam,
            SIGNAL(finished(QNetworkReply*)),
            this,
            SLOT(finished(QNetworkReply*)));
    ...
    
    void HttppostWindow::finished(QNetworkReply *reply)
    {
        if(reply->error() == QNetworkReply::NoError)
        {
            ui->textEdit_result->setText(QObject::tr(reply->readAll()));
        }
        else
        {
            ui->textEdit_result->setPlainText(reply->errorString());
        }
    }
    
    

    Right now the local interface asks for a login and a pw. The problem is that the retrieved text (login page) with the GET command is the one that the interface would show if the user would have insterted a wrong password (autentication failed please try again and so on). But it is clear that i'm not passing any parameter to the site.

    Any ideas?

    1 Reply Last reply
    0
    • p3c0P Offline
      p3c0P Offline
      p3c0
      Moderators
      wrote on last edited by
      #2

      @itsmaxdd
      Perhaps because it first requires a login to go further and thus get fetches login failed page.
      Connect to authenticationRequired signal, do authentication, and then get the page.

      157

      1 Reply Last reply
      0
      • I Offline
        I Offline
        itsmaxdd
        wrote on last edited by
        #3

        Let me explain how the auth work.

        When there is a GET request, the interface (or browser, i don't know who, i need to sniff more) sends a cookie in the header, its values is xAuth_SESSION_ID=XXXXXXXXXXXXXXX.
        The interface is using this Cookie for antiCSRF mechanisms.
        In particular in the POST request i sniffed with fiddler which is used by the browser to log in, it can be seen that in the body there is the following content: rn=XXXXXXXXXXXXXXX&hidepw=YYYYYYYYYYYYYYYYY

        rn is equal to the xAuth_SESSION_ID value while hidepw is the login pw which pass through a sort of MD5 function (available to me).

        Do you believe the authenticator would be able to solve the problem?
        Who is usually sending an xAuth_SESSION_ID in the header?

        I'll be back with more info in two days
        Regards,

        p3c0P 1 Reply Last reply
        0
        • I itsmaxdd

          Let me explain how the auth work.

          When there is a GET request, the interface (or browser, i don't know who, i need to sniff more) sends a cookie in the header, its values is xAuth_SESSION_ID=XXXXXXXXXXXXXXX.
          The interface is using this Cookie for antiCSRF mechanisms.
          In particular in the POST request i sniffed with fiddler which is used by the browser to log in, it can be seen that in the body there is the following content: rn=XXXXXXXXXXXXXXX&hidepw=YYYYYYYYYYYYYYYYY

          rn is equal to the xAuth_SESSION_ID value while hidepw is the login pw which pass through a sort of MD5 function (available to me).

          Do you believe the authenticator would be able to solve the problem?
          Who is usually sending an xAuth_SESSION_ID in the header?

          I'll be back with more info in two days
          Regards,

          p3c0P Offline
          p3c0P Offline
          p3c0
          Moderators
          wrote on last edited by
          #4

          @itsmaxdd If you have the username and password you should try by the authenticator.

          157

          I 1 Reply Last reply
          0
          • p3c0P p3c0

            @itsmaxdd If you have the username and password you should try by the authenticator.

            I Offline
            I Offline
            itsmaxdd
            wrote on last edited by
            #5

            @p3c0 How can the authenticator know that it needs the branded MD5 script and that particular content format? I don't think the local interface is implementing an http basic auth

            1 Reply Last reply
            0
            • p3c0P Offline
              p3c0P Offline
              p3c0
              Moderators
              wrote on last edited by
              #6

              Hi @itsmaxdd . Sorry for the late reply. Well then I think another way perhaps could be creating a QNetworkRequest and setting raw headers defined by the server. Then you can create a QNAM object and the put this request. If the server expects some data with the request then you can create QByteArray of the required data and then post.

              157

              1 Reply Last reply
              0

              • Login

              • Login or register to search.
              • First post
                Last post
              0
              • Categories
              • Recent
              • Tags
              • Popular
              • Users
              • Groups
              • Search
              • Get Qt Extensions
              • Unsolved