Forum Discussion
Stanislas_Piro2
Jul 03, 2018Cumulonimbus
This seems to be a little bit complicated.
When a user logs in a web page, the server respond with a cookie to follow the user session. so you must check first which cookies are required by the server.
When the client send a request without this cookie, you must respond with a web page containing only a javascript code which redirect to the form POST URL with fake data.
When the client send a request without this cookie with to the expected URL, must change the content with credentials.
Of course, you first have to know how the web server works. for example, you must know :
- What are cookies used to follow user sessions?
- what is the Form method (GET or POST) and URI ?
- is there dynamic POST parameter which require more complex behavior?
- what are all POST parameters required by the server?
You can get all these informations with Firefox developper's tool.