pgbrowser
pgbrowser copied to clipboard
monkeysuffrage
Use PGBrowser against Page with Event Validation enabled
This script is great, but I can't make it work on the ASP.NET pages with Event Validation enabled.
The response from the page is:
Invalid postback or callback argument. Event validation is enabled using <pages enableEventValidation="true"/> in configuration or <%@ Page EnableEventValidation="true" %> in a page. For security purposes, this feature verifies that arguments to postback or callback events originate from the server control that originally rendered them. If the data is valid and expected, use the ClientScriptManager.RegisterForEventValidation method in order to register the postback or callback data for validation.
How can I solve this ? Here is the code:
require_once('pgbrowser.php');
$b = new PGBrowser();
$b->setUserAgent($useragent);
$page = $b->get($url);
$form = $page->form();
$form->set('someparam1', 'somevalue1');
$form->set('someparam2', 'somevalue2');
$page = $form->submit();
var_dump($page);
It depends, in general you just need to set the postback data: $form->set('__EVENTTARGET', 'xxx'); $form->set('__EVENTARGUMENT', 'yyy');
but sometimes you also need to tweak the request headers: $form->submit(array('MyHeader: xxx'));
On Thu, Jan 29, 2015 at 12:18 PM, Raptor Kwok [email protected] wrote:
This script is great, but I can't make it work on the ASP.NET pages with Event Validation enabled.
The response from the page is:
Invalid postback or callback argument. Event validation is enabled using in configuration or <%@ Page EnableEventValidation="true" %> in a page. For security purposes, this feature verifies that arguments to postback or callback events originate from the server control that originally rendered them. If the data is valid and expected, use the ClientScriptManager.RegisterForEventValidation method in order to register the postback or callback data for validation.
How can I solve this ? Here is the code:
require_once('pgbrowser.php'); $b = new PGBrowser(); $b->setUserAgent($useragent); $page = $b->get($url); $form = $page->form(); $form->set('someparam1', 'somevalue1'); $form->set('someparam2', 'somevalue2'); $page = $form->submit(); var_dump($page);
— Reply to this email directly or view it on GitHub https://github.com/monkeysuffrage/pgbrowser/issues/2.
Both __EVENTTARGET and __EVENTARGUMENT are empty. I think the problem lies in __EVENTVALIDATION value. (do I have to add __VIEWSTATE and ``__EVENTVALIDATION` manually myself?)
do var_dump($form->fields) if you need to check that they're being set
properly.
On Thu, Jan 29, 2015 at 1:32 PM, Raptor Kwok [email protected] wrote:
Both __EVENTTARGET and __EVENTARGUMENT are empty. I think the problem lies in __EVENTVALIDATION value. (do I have to add __VIEWSTATE and ` __EVENTVALIDATION manually myself?)
— Reply to this email directly or view it on GitHub https://github.com/monkeysuffrage/pgbrowser/issues/2#issuecomment-71971521 .
Is this a college bookstore by chance? In any case ive found that the view states cant be forged. If this is a site with multiple posts to get to the data, dont forge all the post data and submit, forge the first then submit, take that enter the second etc. like a real user would. the backend wont let you jump to the end.
Sent from my iPhone
On Jan 29, 2015, at 12:44 AM, monkeysuffrage [email protected] wrote:
do
var_dump($form->fields)if you need to check that they're being set properly.On Thu, Jan 29, 2015 at 1:32 PM, Raptor Kwok [email protected] wrote:
Both __EVENTTARGET and __EVENTARGUMENT are empty. I think the problem lies in __EVENTVALIDATION value. (do I have to add __VIEWSTATE and ` __EVENTVALIDATION manually myself?)
— Reply to this email directly or view it on GitHub https://github.com/monkeysuffrage/pgbrowser/issues/2#issuecomment-71971521 .
— Reply to this email directly or view it on GitHub.
