Re: Igor, pAPP toolkit questions

From: Josh Mclaren (optics201_at_optonline.com)
Date: 11/24/04 

Date: 23 Nov 2004 16:28:55 -0800

Igor,

Your advice worked, just as you had expected. This even helped my
greater goal of looking at all data that went out.. the
HTTP_QUERY_RAW_HEADERS_CRLF has a lot more detail when checked within
BINDSTATUS_SENDINGREQUEST.

Although it worked, I found that this might not be everything that I
need...

For basic authentication we can be pretty sure that sending the same
data will result in authorization and the same response at a later
time. So that is good.

As far as I understand NTLM credentials, this credentials data will
not be useful in a playback scenario where we send the same HTTP
stream of data at a later time to the server. If the credentials
header is sufficient to send back at a later time and have it
authorize, then I technically should be ok.

Again, with my cursory glance at the NTLM protocol, I am guessing this
is not the case (would make life too easy for me ;) ).

I suspect I need to implement IAuthenticate, but somehow make it pass
through as well. I also suspect this is stuff that may need to be
handled at the host application/WebBrowser control rather than at the
protocol level. I haven't had much success with this in the C#
project which is consuming the pAPP COM object.

I hope you still get a chance to look at my previous post since
although this post deals with outgoing stuff and NTLM credentials, I'm
still curious about reading back or building the entire response
stream including response headers / HTML content, preferabally to
store it in its entirety.

If you could point me in the direction of the easiest way to extract
this using the pAPP toolkit that would be just excellent!

HTTPS is also something I am keeping in mind, I want to be able to
see/build both the request and response streams unencrypted. With my
tests so far, I believe the pAPP toolkit already is setup to show it
to me unencrypted.

Thanks again for your help!!

-Josh

"Igor Tandetnik" <itandetnik@mvps.org> wrote in message news:<#RzCtmX0EHA.804@TK2MSFTNGP12.phx.gbl>...
> "Josh Mclaren" <optics201@optonline.com> wrote in message
> news:72494446.0411221935.4f759181@posting.google.com
> > I am having trouble implementing what you suggested in the following
> > post, with the pAPP toolkit. :
> >
> > http://groups.google.com/groups?hl=en&lr=&safe=off&selm=OsmO3iP5DHA.1664%40TK2MSFTNGP11.phx.gbl
> >
> > When I simply take the pAPP toolkit and replace the
> > HTTP_QUERY_RAW_HEADERS_CRLF | HTTP_QUERY_FLAG_REQUEST_HEADERS
> > QueryInfo call
> >
> > with
> >
> > HTTP_QUERY_AUTHORIZATION | HTTP_QUERY_FLAG_REQUEST_HEADERS
> >
> > the buffer is always an invalid pointer.
>
> I'm not sure what that means. You pass the buffer to the method, right?
> So make sure it is valid. Am I missing something obvious?
>
> Also, make sure you don't call too early. You definitely need to do it
> after IAuthenticate::Authenticate returns. Probably the best place is in
> BINDSTATUS_SENDINGREQUEST notification - by this time, all the request
> headers have been fully prepared.
>
> > I've also played around with
> > GetBindInfo off of the m_spInternetBindInfo object. I've been able to
> > use that succesfully to retreive post Data (though I'm not sure that
> > is the best way)
>
> It is the best and only way. The POST data is supplied in BINDINFO
> structure.
>
> > and I thought I might be able to use it similarly to
> > retrieve BINDSTRING_USERNAME as some MSDN code retrieves MIME types.
>
> I found GetBindString to be very inconsistent. It works for some strings
> but not others, with no apparent reason. Usually there are alternative
> ways to get the same information, so I haven't spent much time on it.
>
> > Another question I had is to ask is what is the best way to examine
> > the html content that is received with the current toolkit.
>
> IInternetProtocol::Read is the only place you can see it.
>
> > Ideally
> > I'd like the entire message rather than dealing with QueryInfo's
> > splitting of the headers etc.
>
> Now I'm confused. Are you asking about response body (presumably HTML
> content), or response headers?

Relevant Pages

  • Re: Newsgroups with large number of posts hangs OE
    ... My response was an unsubtle reference to my frustration with OE's bugs. ... settings in the large NGs I susbscribe to to "headers only" then use the "Sync All" button which then proceeds to d/l all the headers of these large NGs. ... I suppose that could possibly be due to the server of that particular NG.....I dunno. ... The best way to do this is to right click on the folder name in the folder list. ...
    (microsoft.public.windows.inetexplorer.ie6_outlookexpress)
  • Re: Alert box doesnt appear
    ... response which consists of headers and content. ... and provides the location information (in this ... If you want to have a message box and then navigate to the next page, ...
    (microsoft.public.dotnet.framework.aspnet)
  • Re: How could this possibly happen (HttpURLConnection + simple JSP page)
    ... In PHP that would throw some nasty HTTP-related warnings and potentially break the page as you are changing the headers after HTML display? ... You are writing code in a special format that is compiled in to a servlet, which is then executed by the server when the page is requested. ... The other thing is that writing things "after HTML display" is probably very difficult as the display is done on the users computer when they have recieved the response. ... When you create a response for the user it does not necessarily get sent back as soon as you start, and more importantly the headers do not necessarily finish as soon as you start writing to the body. ...
    (comp.lang.java.help)
  • Re: URLScan
    ... Are you using UrlScan to remove or alter the server header in the response? ... of headers at once. ... The symptom you'll seen when any ISAPI filter modifies any ...
    (microsoft.public.inetserver.iis.security)