Re: WWW::Mechanize and buttons tied to javascript

WWW::Mechanize::Firefox because I don't want to deal with the GUI.

Use WWW::Mechanize::PhantomJS then, comes without GUI, supports javascript, simple to install prereqisites at http://phantomjs.org/download.html

... here is the POST data:

That doesn't look very much like POST data, not any regular kind of POST data, where did you get that from?

to see if I can just manually do what the javascript is doing within my perl code

Maybe you realize this -- but its not going well -- take the easy way out :)

How would I replicate what the javascript is doing within perl? Do I just fill out all the fields in the POST data above, and then GET the Location: URL?

Well, you'd do it by figuring out and knowing what the javascript does and the way it does it, then replicate that request -- do you know javascript?

You could also intuit from the request what to do, but this is a lot of guessing, and guessing is a poor painful strategy

You could also read the docs for the website and use their official api ... guesswork eliminated :)

What you've posted so far is nowhere near enough information to do any of these things :) but I wouldn't even try, I'd be lazy, I'd use phantomjs

If I use one of the javascript modules, is it literally as simple as calling eval on the function bound to the button once I have set the appropriate variables (I assume the JS function will handle the ANTI_CSRF_TOKEN?)

You wish :) in theory maybe... browsers are hard to write ... you could try it to see what happens :)

Your best chances of success are phantomjs, IMHO naturally

Best of luck

Comment on Re: WWW::Mechanize and buttons tied to javascript

Replies are listed 'Best First'.
Re^2: WWW::Mechanize and buttons tied to javascript by Special_K (Pilgrim) on Jul 04, 2014 at 17:29 UTC
That doesn't look very much like POST data, not any regular kind of POST data, where did you get that from? Maybe my terminology was incorrect. When I logged into the website via Chrome, that was the data listed under the "Form Data" section of the Network->Headers section of the Chrome Developer Tools. Well, you'd do it by figuring out and knowing what the javascript does and the way it does it, then replicate that request -- do you know javascript? I only know a little bit, but that was kind of why I was asking this question. How would I figure out what the website is doing? As I said in my post, it appears to be taking the form data I entered, verifying the responses, and GETing the location URL I posted above. The only part I really don't understand is the ANTI_CSRF_TOKEN. I will look into phamtomjs.	[reply]
Re^3: WWW::Mechanize and buttons tied to javascript by Anonymous Monk on Jul 05, 2014 at 03:14 UTC
Maybe my terminology was incorrect. When I logged into the website via Chrome, that was the data listed under the "Form Data" section of the Network->Headers section of the Chrome Developer Tools. :) Well, your terminology appears correct ... form data usualy comes delimited with "=" where as headers are delimited with ":" ... the data you've shown has two:two:two ... that confused me a bit ... I don't have chrome :) I only know a little bit, but that was kind of why I was asking this question. How would I figure out what the website is doing? :) I already explained -- I'd do it by figuring out and knowing what the javascript does and the way it does it -- this means I'd read the javascript program -- try a few of the functions (firefox ctrl+shift+k or ctrl+shift+j ) -- the open source version of reverse engineering lots of time they just fetch this var, fetch that one, do some simple substitution/addition ... sometimes they md5 or sha256 some part and set a new variable ... sometimes its considerably more pointless contortions (esp difficult to discern when they use jsmin type compressors) The only part I really don't understand is the ANTI_CSRF_TOKEN. Its just another form variable , its given to your browser to prevent replay attacks and session riding... CSRF ... https://www.owasp.org/index.php/Session_Management#Page_and_Form_Tokens , Cryptographic nonce, Plack::Middleware::CSRFBlock	[reply]