My script attempts to log into a website via a form. After being redirected several times during authentication, it crashes with an sslv3 alert illegal parameter. I was wondering if something weird was going on with the cookies so I checked the HTML headers with the DEBUG output. The two outputs are pasted below.
Some other weird things: the click_button
and submit
methods appear to do different things; namely, click_button
gets the execution of the redirections to last a little longer, but it also crashes with the above error. submit
doesn't crash the program, but the login doesn't appear to work either. I tried running it on an older version of Ruby and the error turns into a connection_refused
error while using click_button
and the behavior is identical while using submit
.
Here are outputs I mentioned in the first paragraph in .txt, in case you find the text below difficult to read.
DEBUG OUTPUT when I run the script:
`I, [2010-11-15T17:52:20.462201 #22853] INFO -- : follow redirect to: htps://xx2web1.apps.XXXXXXXXX.com/BANPROD1/xxauthent.ss_md5_login?timestamp_in=1289814682&uin_in=XXXXXXXXX&digest_in=be34b4b470a0da1831c7c432e353c320 /usr/lib/ruby/1.9.1/net/http.rb:677:in 'connect': SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: sslv3 alert illegal parameter (OpenSSL::SSL::SSLError) from /usr/lib/ruby/1.9.1/net/http.rb:677:in 'connect' from /usr/lib/ruby/1.9.1/net/http.rb:637:in 'do_start' from /usr/lib/ruby/1.9.1/net/http.rb:632:in 'start' from /usr/lib/ruby/gems/1.9.1/gems/mechanize-1.0.0/lib/mechanize.rb:527:in 'fetch_page' from /usr/lib/ruby/gems/1.9.1/gems/mechanize-1.0.0/lib/mechanize.rb:611:in 'fetch_page' from /usr/lib/ruby/gems/1.9.1/gems/mechanize-1.0.0/lib/mechanize.rb:611:in 'fetch_page' from /usr/lib/ruby/gems/1.9.1/gems/mechanize-1.0.0/lib/mechanize.rb:464:in 'post_form' from /usr/lib/ruby/gems/1.9.1/gems/mechanize-1.0.0/lib/mechanize.rb:370:in 'submit' from /usr/lib/ruby/gems/1.9.1/gems/mechanize-1.0.0/lib/mechanize/form.rb:141:in 'submit' from /usr/lib/ruby/gems/1.9.1/gems/mechanize-1.0.0/lib/mechanize/form.rb:147:in 'click_button' from ./courseChecker.rb:33:in 'block in ' from /usr/lib/ruby/gems/1.9.1/gems/mechanize-1.0.0/lib/mechanize.rb:262:in 'get' from ./courseChecker.rb:26:in ''`
HTML HEADERS TRACE from successful Firefox login:
`htps://xx2web1.apps.XXXXXXXXX.com/BANPROD1/xxauthent.ss_md5_login?timestamp_in=1289814134&uin_in=XXXXXXXXX&digest_in=d75483c390a2ab4ec0b939eaef7ecb1f` `GET /BANPROD1/xxauthent.ss_md5_lo开发者_JAVA技巧gin?timestamp_in=1289814134&uin_in=XXXXXXXXX&digest_in=d75483c390a2ab4ec0b939eaef7ecb1f HTTP/1.1 Host: xx2web1.apps.XXXXXXXXX.com User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.12) Gecko/20101027 Firefox/3.6.12 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: htps://eas.admin.XXXXXXXXX.com/eas/servlet/EasLogin?redirect=htps://webprod.admin.XXXXXXXXX.com/ssa/servlet/SelfServiceLogin?appName=com.XXXXXXXXX.aits.SelfServiceLogin&dad=BANPROD1 Cookie: RedirectString=https://webprod.admin.XXXXXXXXX.com/ssa/servlet/SelfServiceLogin?appName=com.XXXXXXXXX.aits.SelfServiceLogin&dad=BANPROD1; EnterpriseSessionId=8cc56f29-28de-4a01-96b8-6f58c30d6b6e-155.69.191.54; TESTID=test` `HTTP/1.1 200 OK Date: Mon, 15 Nov 2010 09:42:03 GMT Server: Oracle-Application-Server-10g/10.1.2.3.0 Oracle-HTTP-Server Content-Length: 228 Set-Cookie: SESSID=RTlCTzQ4MTc5NDAzOQ== Connection: close Content-Type: text/html; charset=UTF-8`
Have you tried getting Mechanize to go via a proxy, for example Charles, and look into what its sending back and forth compared to Firefox?
It can be configured to look into https interactions.
Have fun, Chris
精彩评论