Java – when I send post data to ASP. Net via Android Net MVC site, why does error 500 occur?
I'm trying to create an android app to check my engineering school test scores In order to download word with scores, I need to log in to the portal
I think it would be easy to implement it by sending a post request
After bypassing the problem of self signed certificate (or other) through the code on this page: self signed SSL acceptance on Android
When I try to send any post request to the login page, I still receive a 500 error, which is: https://e-campus.hei.fr/ERP-prod/pc_mv_login.aspx
I try to send various codes from the Internet to send post data (especially how to do a HTTP post in Android) Even on pure Java applications, I got 500
When I point the URL to another test page, I try to make it work, but not in https://e-campus.hei.fr/ERP-prod/pc_mv_login.aspx
Anyone can explain to me why it doesn't work or help me get rid of this mistake?
Edit: This is the content sent through my browser (according to the chrome development tool)
__EVENTTARGET: __EVENTARGUMENT: __VIEWSTATE:dDwxNDU4ODc4MDI5O3Q8O2w8aTwwPjs+O2w8dDw7bDxpPDE+O2k8Nz47aTwxMz47aTwxNT47aTwxNz47aTwxOT47PjtsPHQ8cDxwPGw8VGV4dDs+O2w8SWRlbnRpZmlhbnQgOjs+Pjs+Ozs+O3Q8cDxwPGw8VGV4dDs+O2w8TW90IGRlIHBhc3NlIDo7Pj47Pjs7Pjt0PHA8cDxsPFRleHQ7PjtsPExhbmd1ZSA6Oz4+Oz47Oz47dDx0PDt0PGk8Mj47QDxBbmdsYWlzO0ZyYW7Dp2Fpczs+O0A8ZW47ZnI7Pj47bDxpPDE+Oz4+Ozs+O3Q8cDxwPGw8VGV4dDs+O2w8Vm91cyBuJ8OqdGVzIHBhcyBhdXRvcmlzw6kgIMOgIHZvdXMgY29ubmVjdGVyLjs+Pjs+Ozs+O3Q8cDxwPGw8VGV4dDs+O2w8Q29ubmVjdGVyIDo7Pj47Pjs7Pjs+Pjs+Pjs+inmhCwE9zfymuEXDXGORShkB1GI= Username:****** Password:****** Langues:fr Button1:Connecter :
This is the string I sent:
String parameters = "__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE="
+ URLEncoder
.encode("dDwxNDU4ODc4MDI5O3Q8O2w8aTwwPjs+O2w8dDw7bDxpPDE+O2k8Nz47aTwxMz47aTwxNT47aTwxNz47aTwxOT47PjtsPHQ8cDxwPGw8VGV4dDs+O2w8SWRlbnRpZmlhbnQgOjs+Pjs+Ozs+O3Q8cDxwPGw8VGV4dDs+O2w8TW90IGRlIHBhc3NlIDo7Pj47Pjs7Pjt0PHA8cDxsPFRleHQ7PjtsPExhbmd1ZSA6Oz4+Oz47Oz47dDx0PDt0PGk8Mj47QDxBbmdsYWlzO0ZyYW7Dp2Fpczs+O0A8ZW47ZnI7Pj47bDxpPDE+Oz4+Ozs+O3Q8cDxwPGw8VGV4dDs+O2w8Vm91cyBuJ8OqdGVzIHBhcyBhdXRvcmlzw6kgIMOgIHZvdXMgY29ubmVjdGVyLjs+Pjs+Ozs+O3Q8cDxwPGw8VGV4dDs+O2w8Q29ubmVjdGVyIDo7Pj47Pjs7Pjs+Pjs+Pjs+inmhCwE9zfymuEXDXGORShkB1GI=","UTF-8") + "&Username="
+ URLEncoder.encode(mUsername,"UTF-8") + "&Password="
+ URLEncoder.encode(mPassword,"UTF-8")
+ "&Langues=fr&Button1="
+ URLEncoder.encode("Connecter :","UTF-8");
Solution
HTTP error 500 only means that the server - side code failed It has a bug, such as NullPointerException thrown there If the response body does not contain any reasonable content (such as stack trace) so that you can understand how it caused the request to change accordingly, the best way is to contact the server administrator and report the error in the server code and ask how to correctly perform the programmed login
If for some reason this is not an option, you should double check if you do not forget to send a specific cookie, title and / or parameter Maybe the server-side code expected it, but it was null and the code was wrong, so it completely broke 500 I recommend using firebug to track the entire HTTP traffic and compare it with the title / parameter setting Maybe you need to send back a specific cookie? Or do you need to send the name = value pair of the submit button? wait.
Update: you sent the wrong__ Viewstate value The website runs in ASP Net MVC, this is a component - based MVC framework (just like JSF in Java EE) It stores the component tree as view state You should not send a random / non-existent / invalid view state back as a parameter, but should be valid You need to rewrite the HTTP client so that it first triggers a get request on the page using the form, and then uses the HTML parser (jsup?) Extract hidden__ The value of the viewstate input field, and finally issue a post request value (exactly the same as the cookie in the request header!)
Like JSF, view state is part of CSRF attack prevention The form cannot be submitted without first requesting the form from the site itself in the same session