
I have been trying for awhile now to log into a website using a WebRequest with no luck and I'm hoping that somebody can help me out. The login page uses "multipart/form-data; boundary" for its post data which I have never encountered before and I haven't been able to get it to work.

A successful post looks like this (courtesy of Tamper):

Content-Disposition: form-data; name="cc_session_id"

Content-Disposition: form-data; name="cc_action"

Content-Disposition: form-data; name="cc_failure_url"
Content-Disposition: form-data; name="cc_success_url"
Content-Disposition: form-data; name="email"

Content-Disposition: form-data; name="password"

Content-Disposition: form-data; name="login"

Log in

My connection method looks like this:

    private static WebResponse Connect()
        var manager = new SessionIDManager();
        var boundary = "---------------------------" + DateTime.Now.Ticks;
        var newLine = Environment.NewLine;
        var propFormat = "--" + boundary + newLine +
                            "Content-Disposition: form-data; name=\"{0}\"" + newLine + newLine +
                            "{1}" + newLine;

        var req = WebRequest.Create("");
        var session = manager.CreateSessionID(HttpContext.Current);
        req.Method = "POST";
        req.ContentType = "multipart/form-data; boundary=" + boundary;
        string formParams = string.Format(propFormat, "cc_session_id", session); 
        formParams += string.Format(propFormat, "cc_action", "cca_login");
        formParams += string.Format(propFormat, "cc_failure_url", "");
        formParams += string.Format(propFormat, "cc_success_url", "");
        formParams += string.Format(propFormat, "email", Credentials.ToInsecureString(Credentials.DecryptString(Settings.FanDuel.UserName)));
        formParams += string.Format(propFormat, "password", Credentials.ToInsecureString(Credentials.DecryptString(Settings.FanDuel.Password)));
        formParams += string.Format(propFormat, "login", "Log in");
        formParams += "--" + boundary + "--";

        byte[] bytes = Encoding.ASCII.GetBytes(formParams);
        req.ContentLength = bytes.Length;
        using (Stream os = req.GetRequestStream())
            os.Write(bytes, 0, bytes.Length);

        return req.GetResponse();

It produces the following post data:

Content-Disposition: form-data; name="cc_session_id"

Content-Disposition: form-data; name="cc_action"

Content-Disposition: form-data; name="cc_failure_url"
Content-Disposition: form-data; name="cc_success_url"
Content-Disposition: form-data; name="email"

Content-Disposition: form-data; name="password"

Content-Disposition: form-data; name="login"

Log in

Unfortunately, the response's cookie isn't that of a successful login. At this point I don't know what else to do and I would appreciate any help anybody would be willing to offer me to get this working. Thanks.

Update: I Tried getting an initial response and then using that session id for my post, but still no luck. Does anybody have any ideas?

War es hilfreich?


I've managed to get this working and optimized the method to the best of my ability.

private CookieContainer cookies = new CookieContainer();
private string loginCookie;

public bool IsLoggedIn { get; set; }

public void Login()
    var boundary = "---------------------------" + DateTime.Now.Ticks;
    var newLine = Environment.NewLine;
    var propFormat = "--" + boundary + newLine +
        "Content-Disposition: form-data; name=\"{0}\"" +
        newLine + newLine + "{1}" + newLine;

    var req = WebRequest.Create("") as HttpWebRequest;
    req.CookieContainer = cookies;
    req.Method = "POST";
    req.ContentType = "multipart/form-data; boundary=" + boundary;
    string formParams = string.Format(propFormat, "cc_session_id", new SessionIDManager().CreateSessionID(HttpContext.Current));
    formParams += string.Format(propFormat, "cc_action", "cca_login");
    formParams += string.Format(propFormat, "cc_failure_url", "");
    formParams += string.Format(propFormat, "cc_success_url", "");
    formParams += string.Format(propFormat, "email", Credentials.ToInsecureString(Credentials.DecryptString(FanDuel.Default.UserName)));
    formParams += string.Format(propFormat, "password", Credentials.ToInsecureString(Credentials.DecryptString(FanDuel.Default.Password)));
    formParams += string.Format(propFormat, "login", "Log in");
    formParams += "--" + boundary + "--";

    byte[] bytes = Encoding.ASCII.GetBytes(formParams);
    req.ContentLength = bytes.Length;
    using (Stream os = req.GetRequestStream())
        os.Write(bytes, 0, bytes.Length);

    var res = req.GetResponse();

    loginCookie = req.Headers["Cookie"];

    IsLoggedIn = res.ResponseUri == new Uri("");

Then pass loginCookie to any other relevant WebRequest:

void SomeMethod()
    var req = WebRequest.Create("SomeUri");
    req.Headers.Add("Cookie", loginCookie);
    var res = req.GetResponse();

I hope this helps somebody in the future.

Lizenziert unter: CC-BY-SA mit Zuschreibung
Nicht verbunden mit StackOverflow
scroll top