Powershell, invoke-webrequest, and post params

[Danith]

Trying to automate some posting to the web that we do but running into either weirdness with invoking-webrequest -Body $postparams or I'm not doing it right.

The default fields when that page is requested are: S_Period_Str = "", E_Period_Str = "11/04/15", input-option = "checked"

I have -

$postParams = @{S_Period_Str='11/03/15';E_Period_Str='11/03/15';'input-option'='checkedOther'}
$r = Invoke-WebRequest $site -Method POST -Body $postParams -Credentials $creds

When I do this, the response is
S_Period_Str "11/03/15"
E_Period_Str "?"
input-option "checked"

So it seems to be posting one of the values and changing another. I don't see any misspellings, no idea why it's not posting the rest.


I can get around it by doing that invoke method then

$r.Forms[0].Fields.S_Period_Str = "11/03/15"
$r.Forms[0].Fields.E_Period_Str = "11/03/15"
$r.Forms[0].Fields."input-options" = "checkedOther"
Invoke-RestMethod $site -Method POST -Body $r -Credential $cred

That seems to post everything correctly but there has to be a reason why the initial post isn't working.

I'm not good with the web request/response/post/get/etcetc things

 

[Tawnos]

Why do you switch from invoke webrequest to invoke restmethod?

This looks like you could do
Invoke-RestMethod $site -Method POST -Body @{S_Period_Str="11/03/15";E_Period_Str="11/03/15";"input-option"="checkedOther"} -Credential $cred

 

[Danith]

Why do you switch from invoke webrequest to invoke restmethod?

This looks like you could do
Invoke-RestMethod $site -Method POST -Body @{S_Period_Str="11/03/15";E_Period_Str="11/03/15";"input-option"="checkedOther"} -Credential $cred

Because if I invoked-webrequest again with $body it just returned the normal page and invoke-restmethod seemed to work. Can't find the link I saw it on but found this which uses invoke-webrequest and invoke-restmethod - http://otheratmosphere.com/invoke-restmethod-and-invoke-webrequest/

I tried invoke-webrequest with the body filled out like that but never tried the invoke-restmethod like that. Will play around with it and see if it works.

edit: same thing as with webrequest. It returns the 'before posting' page with the S_Period_Str set correctly but e_period_str has value=? for some reason. It's working the current way by requesting the page, editing the forms returned, then invoke-restmethod <...> -Body $wr

Now I'm working on how to log on to a page that uses a login box/aspx form, and postback

 

[Tawnos]

Without knowing more about your page, it's hard to say. You may have a session identifier or other viewstate params that need to be sent back to the server for it to respond correctly, hence why modifying the form works but straight invocation does not.

 

[Danith]

Ok, this aspx thing is frusterating.

I create the web request

$wr = Invoke-WebRequest -Uri $site -SessionVariable ws

set the form info to the login -

$wr.Forms[0].Fields.ctl00_lvNotification__Login__Username = $user
$wr.Forms[0].Fields.ctl00_lvNotification__Login__Password = $pass

Try to submit it (new webrequest because I didn't want to overwright the old one at this time)

$newwr = Invoke-WebRequest -Uri ($site + $wr.Forms[0].Action) -Method $wr.Forms[0]Method -WebSession $ws -Body $wr.Forms[0]

It returns status 200 OK but $newwr is showing the login page still.

So I install fiddler to see whats going on. Find some fields that are submitted when I go through the website login, so I add them to the webrequest

$wr.Forms[0].Fields.Add("MyNewField", "stuff")

Do another submit and again it says 200 OK, and website is showing as the login/password page again.

I think it has something to do with the site going to default.aspx after you log in but when I try calling default.aspx after submitting the webrequest with the info it still returns the login page. (The URL looks like this on the login page: Login.aspx?ReturnUrl=%2fdefault.aspx. After logging in your at default.aspx)


I think at this point I'll just try to make something work by going through an internet explorer browser object and try to interact with the site through that

 

[Tawnos]

1) is this right? -Method $wr.Forms[0]Method
Looks like it should be -Method $wr.Forms[0].Method

2) Is your page using something to prevent CSRF that is not being correctly caught sent when you modify the form?

3) Nitpick: you probably want to add the -UseBasicParsing switch flag to the Invoke-WebRequest call so that it doesn't do DOM parsing. From the docs: "Uses the response object for HTML content without Document Object Model (DOM) parsing.

This parameter is required when Internet Explorer is not installed on the computers, such as on a Server Core installation of a Windows Server operating system."