Performing the Submit Form using C#

Asked

Viewed 1,752 times

0

There is the following HTML login form

  <form action="/Home/Login?ReturnUrl=%2f" method="post">
     <input name="__RequestVerificationToken" type="hidden" value="W3ndyLx5kkFIy_QKjOGhEYQoHFtF4kIMFxLIG42t2r5tJJKwnzCy1iMmLw8SFH6yIm7DnHiQqKAmOhKS-PSDnDDzNcfjxNWCCEDthaA5mAE1" />    
     <div  style="width: 40%; margin-left:36%;" >

    <h2>Login</h2>

    <div class="form-group">
        <label for="Usuario">Usu&#225;rio</label>
        <input class="form-control" data-val="true" data-val-required="Usuário Necessário" id="Usuario" name="Usuario" placeholder="Digite seu usuário" type="text" value="" />
        <span class="field-validation-valid" data-valmsg-for="Usuario" data-valmsg-replace="true"></span>
    </div>
      <div class="form-group">
        <label for="Senha">Senha</label>
        <input class="form-control" data-val="true" data-val-required="Senha Necessária" id="Senha" name="Senha" placeholder="Digite sua senha" type="password" />
         <span class="field-validation-valid" data-valmsg-for="Senha" data-valmsg-replace="true"></span>
      </div>

      <button type="submit" style="width: 100px" class="btn btn-success" value="Entrar">Entrar</button>
  </div>
</form>

I am trying to log in to this page using C#:

    private string Realizar(string url, string Usuario, string Senha)
    {
        string resultado = string.Empty;
        string strPost = "Usuario=" + Usuario + "&Senha=" + Senha + "&ReturnUrl=//";
        Stream myWriter = null;

        HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);
        byte[] send = Encoding.Default.GetBytes(strPost);
        request.Method = "POST";
        request.ContentLength = send.Length;
        request.ContentType = "application/x-www-form-urlencoded";
        request.Credentials = CredentialCache.DefaultCredentials;

        try
        {
            myWriter = request.GetRequestStream();
            myWriter.Write(send, 0, send.Length);
        }
        catch (Exception ex)
        {
            return ex.Message;
        }
        finally
        {
            myWriter.Close();
        }

        var response = (HttpWebResponse)request.GetResponse();
        if(response == null)
        {
            return "Erro";
        }
        using(StreamReader reader = new StreamReader(response.GetResponseStream()))
        {
            resultado = reader.ReadToEnd();

            reader.Close();
        }

        return resultado;

    }

However, when executing the function, returns the following exception: The remote server returned an error:

(500) Internal Server Error.

Can someone help me?

  • 1

    The route /Home/Login is being pointed to the method private Carry out?

  • is in the variable "url"

  • You have a Controller called Home, with a Method Called Login?

  • is an external page, does not belong to the main project, the goal is to perform a page login using another application

1 answer

1


If html contains input __RequestVerificationToken

<input name="__RequestVerificationToken" type="hidden" value="W3ndyLx5kkFIy_QKjOGhEYQoHFtF4kIMFxLIG42t2r5tJJKwnzCy1iMmLw8SFH6yIm7DnHiQqKAmOhKS-PSDnDDzNcfjxNWCCEDthaA5mAE1" />

Action probably has the attribute [ValidateAntiForgeryToken]

The purpose of this attribute is to prevent access to your application by http requests originating from other applications. Ensuring that only your application views can submit requests to Action "decorated" with this attribute.

When trying to submit an http request to an Action with this attribute, without sending the generated input __RequestVerificationToken or reporting a wrong value 500 error is generated on the server.

For more information:

Preventing Cross-Site Request Forgery (CSRF) Attacks in ASP.NET Web API XSRF/CSRF Prevention in ASP.NET MVC and Web Pages

Browser other questions tagged

You are not signed in. Login or sign up in order to post.