[Mechanize-users] Why won't this Ruby/Mechanize HTTP POST work? (the Bank's web server gives Session Timeout response)

Greg Hauptmann greg.hauptmann.ruby at gmail.com
Sat Aug 29 21:52:11 EDT 2009


PS.  If this helps:

******* Successful Post in Firefox - Info from Live HTTP Headers
Plugin ********  (reduced session id size down)
- from Generator Tab -
POST /IBAU/BANKAWAYTRAN;jsessionid=xxxxk%2F
Action.RetUser.SignonOK.x=31&Action.RetUser.SignonOK.y=13&Action.RetUser.SignonOK=Proceed+to+Internet+Banking
- from Headers Tab -
https://banking2.anz.com/IBAU/BANKAWAYTRAN;jsessionid=xxxxk%2F
POST /IBAU/BANKAWAYTRAN;jsessionid=xxxx%2F HTTP/1.1
Host: banking2.anz.com
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US;
rv:1.9.1.2) Gecko/20090729 Firefox/3.5.2
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Referer: https://banking2.anz.com/IBAU/BANKAWAY?Action.ANZRetUser.External.SignOn=Y&SecureSubmissionParameter=Y&AppSignonBankId=AUANZ&AppType=corporate&CorporateSignonLangId=001&Country=AU&AffiliateId=00010
Content-Type: application/x-www-form-urlencoded
Content-Length: 109
Action.RetUser.SignonOK.x=31&Action.RetUser.SignonOK.y=13&Action.RetUser.SignonOK=Proceed+to+Internet+Banking
HTTP/1.x 200 OK
Cache-Control: max-age=0
Connection: close
Date: Sun, 30 Aug 2009 01:45:25 GMT
Pragma: no-cache
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-AU
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Server: Microsoft-IIS/6.0, WebSphere Application Server/5.1
X-Powered-By: ASP.NET
Content-Encoding: gzip
Vary: Accept-Encoding
Transfer-Encoding: chunked

****** unsuccessful post in Mechanize/Ruby - take from Log file ***********
D, [2009-08-30T10:51:03.165628 #5622] DEBUG -- : query:
"Action.RetUser.SignonOK=Proceed+to+Internet+Banking&Action.RetUser.SignonOK.x=23&Action.RetUser.SignonOK.y=7"
I, [2009-08-30T10:51:03.418785 #5622]  INFO -- : Net::HTTP::Post:
/IBAU/BANKAWAYTRAN;jsessionid=xxxx9OF5
D, [2009-08-30T10:51:03.418917 #5622] DEBUG -- : request-header:
accept-language => en-us,en;q=0.5
D, [2009-08-30T10:51:03.418964 #5622] DEBUG -- : request-header:
connection => keep-alive
D, [2009-08-30T10:51:03.419005 #5622] DEBUG -- : request-header: accept => */*
D, [2009-08-30T10:51:03.419046 #5622] DEBUG -- : request-header:
accept-encoding => gzip,identity
D, [2009-08-30T10:51:03.419141 #5622] DEBUG -- : request-header:
content-type => application/x-www-form-urlencoded
D, [2009-08-30T10:51:03.419182 #5622] DEBUG -- : request-header:
user-agent => WWW-Mechanize/0.9.3
(http://rubyforge.org/projects/mechanize/)
D, [2009-08-30T10:51:03.419224 #5622] DEBUG -- : request-header:
referer => https://banking1.anz.com/IBAU/BANKAWAY?Action.ANZRetUser.External.SignOn=Y&SecureSubmissionParameter=Y&AppSignonBankId=AUANZ&AppType=corporate&CorporateSignonLangId=001&Country=AU&AffiliateId=00010
D, [2009-08-30T10:51:03.419267 #5622] DEBUG -- : request-header:
accept-charset => ISO-8859-1,utf-8;q=0.7,*;q=0.7
D, [2009-08-30T10:51:03.419308 #5622] DEBUG -- : request-header:
content-length => 108
D, [2009-08-30T10:51:03.419348 #5622] DEBUG -- : request-header: host
=> banking2.anz.com
D, [2009-08-30T10:51:03.419389 #5622] DEBUG -- : request-header:
keep-alive => 300
D, [2009-08-30T10:51:03.563672 #5622] DEBUG -- : Read 882 bytes



thanks again - if you can spot a reason why for the response from
Mechanize I get the "session expired/no longer valid" that'd be great!




2009/8/30 Greg Hauptmann <greg.hauptmann.ruby at gmail.com>:
> oh dear
>
> * After clearing cookies in the browser & using HTTP Live Headers &
> CharlesProxy I see that I can use my browser successfully without
> cookies appears (and I have javascript disabled).   I can't see how
> inserting a cookie will help here therefore.
>
> * The request parameters are now matching (perhaps in a different
> order but I assume this doesn't matter)
>
> *  The request headers seem OK, there are a few that are difference
> but I think this would be ok no?
> - I have "accept-encoding => gzip,identity" NOT "gzip,deflate"
> - User agent is different of course - I have "user-agent =>
> WWW-Mechanize/0.9.3 (http://rubyforge.org/projects/mechanize/)". I
> wonder whether I should try to make it match that of firefox?
>
> * The visual text in the page I get back does say things including the
> following:
> Why Your Session Has Ended
> Timing out of sessions
> The most likely reason is that you have exceeded your set time limit
> for submitting information
> You may have:
>  Resubmitted a request
>  Asked for a page from a banking session that had ended
>  Used a web browser that is not fully compatible with this service
> What you can do?
>  If you came to this page by using a saved bookmark, please remove
> this bookmark from your list
>  You may need to check the web browser you are using
>  Return to the log on page to commence a new Internet Banking session
>
>
> Any other ideas/techniques to try?   I'm running out of ideas?
>
>
>
> Thanks
>



-- 
Greg
http://blog.gregnet.org/


More information about the Mechanize-users mailing list