Use httpwatch for Automatic Login

Webpage analysis tools: httpwatch,

Development Environment: vs2005 C #

First, open the page: http://www2.baidu.com, automatically jump to the http://cas.baidu.com /? TPL = www2 & fromu = http % 3A % 2f % 2fwww2.baidu.com % 2f
Get it Verification Code address: http://cas.baidu.com /? Action = Images & Key = 1252647747466
The Verification Code address is generated based on the front-end Js.
<SCRIPT type = "text/JavaScript">
VaR strvalidimgurl = '/? Action = image ';
Function addtmspan (){
VaR objimgvalid = Document. getelementbyid ("imgvalid ");
VaR inttm = new date (). gettime ();
Objimgvalid. src = strvalidimgurl + "& Key =" + inttm;
}
</SCRIPT>

Then, get the submit address: https://cas.baidu.com /? Action = login (Note: https is a difficulty, which is equivalent to changing the domain)
Submitted fields:
Appid 3
Button2 Login
Charset UTF-8
Entered_imagecode ba27
Entered_login aaaaaa
Entered_password aaaaaa
Fromu http://www2.baidu.com/
After the login is successful, it is not completed yet, and it has been relocated twice:
Http://www2.baidu.com /? Castk = 878d9sf7f8ea78bd5d515 this webpage redirect to http://fengchao.baidu.com/indexAction.do? Uid = 1806516 (domain name changed here)
Http://fengchao.baidu.com/indexAction.do? Uid = 1806516 turn to redirect to http://fengchao.baidu.com/indexAction.do again? Uid = 1806516 & userid = 1806516
The last is the home page: http://fengchao.baidu.com/indexAction.do? Uid = 1806516 & userid = 1806516

In fact, useful to us is http://www2.baidu.com /? Castk = 878d9sf7f8ea78bd5d515 the cookie on this webpage. With this cookie, you can perform other operations after logging on. Otherwise, it makes no sense to log on successfully.

The main program is as follows:
Public static string login (out string outcookie, out string out2cookie)
{
String cookie, code, username, userpass;
Username = "*****"; // User Name
Userpass = "*****"; // Password
String posturl = "https://cas.baidu.com /? Action = login ";
Getnumber ("http://cas.baidu.com /? Action = Image & Key = "+ gettime () +" "," baidu_cas ", out Cookie, out code); // obtain the verification code and webpage cookie
Cookie = cookie. Replace ("Domain = cas.baidu.com;", ""); // sort the cookie (required for cross-origin)
String poststring = "appid = 3 & button2 =" + system. web. httputility. urlencode ("login ") + "& charset = UTF-8 & entered_imagecode =" + code + "& entered_login =" + username + "& entered_password =" + userpass + "& fromu =" + system. web. httputility. urlencode ("http://www2.baidu.com/") + "; // organizes post content
String refurl = "http://cas.baidu.com /? TPL = www2 & fromu = http % 3A % 2f % 2fwww2.baidu.com % 2f ";

Outcookie = NULL;
Out2cookie = NULL;
String returnstring = postpage (posturl, poststring, Cookie, refurl, out outcookie); // submit
String geturl = "";
String ret2 = "";
String ret3 = "";
If (outcookie! = NULL)
{
Outcookie = outcookie. Replace ("Domain = cas.baidu.com;", ""); // sort the cookie again
Geturl = geturlfromstr (returnstring); // get the Redirection URL (http://www2.baidu.com /? Castk = 878d9sf7f8ea78bd5d515)

/// Continue access
Ret2 = gethtml (geturl, false, outcookie, out out2cookie); // obtain the second cookie

Out2cookie = out2cookie. Replace ("www2", ""); // you still need to sort out the cookies.

}
Return ret2;
}

In short, it is necessary to analyze the web page for automatic login. httpwatch is a good job. After a careful study, it can help us do a lot of things!