EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Difference to ver 11 and ver 12

Also by EldoS: MsgConnect
Cross-platform protocol-independent communication framework for building peer-to-peer and client-server applications and middleware components.
#30112
Posted: 07/22/2014 10:34:01
by Walter Schrabmair (Priority Standard support level)
Joined: 05/03/2013
Posts: 150

the URL is:

Code
http://www.lifetechnologies.com/order/catalog/en/US/adirect/lt?cmd=HWFastProductDetailAjax&entryPoint=adirect&_=1405936016620&hasCitations=true&messageType=HWFastProductDetailAjax&numCitations=2&productID=61870036


When I use Fiddler in the middle (via HTTP-Proxy) I get the proper page. When I do not use Fiddler in the middle I do not get the requested page. Can you explain this?

I think we have to break the problem in small peaces.
Please answer soon.
#30113
Posted: 07/22/2014 10:34:58
by Eugene Mayevski (EldoS Corp.)

Please open SBHTTPSClient.pas, find and remove these blocks of code:

Code
if (Length(Params) > 0) then
        Params := '?' + Params;


There are two such blocks there.

After this please check the problem again.
#30114
Posted: 07/22/2014 10:38:00
by Eugene Mayevski (EldoS Corp.)

With the last URL you've provided and with the fix I have specified above I get the correct data (the one that corresponds to "correct" file you posted).
#30115
Posted: 07/22/2014 10:42:34
by Walter Schrabmair (Priority Standard support level)
Joined: 05/03/2013
Posts: 150

Quote
Eugene Mayevski wrote:
So far when I access the resource using HTTP or HTTPS , I get the identical files (well, they differ in the value of anonymousLogin JS variable set - true vs. null). The file is 213 147 bytes. Is this what you expect to get or this is the "wrong" variant?


YOu must use Cookiemanger and do a GET on the first URL
Code
http://www.lifetechnologies.com/order/catalog/product/61870036?CID=search-product

Then do a GET with following URL
Code
http://www.lifetechnologies.com/order/catalog/en/US/adirect/lt?cmd=HWFastProductDetailAjax&entryPoint=adirect&_=1405936016620&hasCitations=true&messageType=HWFastProductDetailAjax&numCitations=2&productID=61870036
and search for the regex: msds-link
YOu will get this line:
Code
<li class="msds-link"><a href="https://tools.lifetechnologies.com/content.cfm?pageid=10783&name=61870036&extension=IV"

From this line I exctract the pageid.

When I use Fiddler in the middle I get the pageid. When I do not use Fiddler in the middle I do get nothing.

IN version 11 it works fine. As I can not ispect the https with Fiddler, I have used http and it works also - but just with fiddler in the middle.
#30116
Posted: 07/22/2014 10:45:26
by Walter Schrabmair (Priority Standard support level)
Joined: 05/03/2013
Posts: 150

Quote
Eugene Mayevski wrote:
Please open SBHTTPSClient.pas, find and remove these blocks of code:

Code
if (Length(Params) > 0) then
        Params := '?' + Params;


There are two such blocks there.

After this please check the problem again.

I dont have the source installed. Please check it, and release a corrected version. Thanks BTW where could I get the source for DELPHI 7 ?
#30118
Posted: 07/22/2014 11:05:32
by Eugene Mayevski (EldoS Corp.)

That's too hard for me to reproduce. When there's a new build (maybe on weekend or so) you can check it.


Sincerely yours
Eugene Mayevski
#30119
Posted: 07/22/2014 11:07:45
by Eugene Mayevski (EldoS Corp.)

There exists a workaround that you can use:

in OnPreparedHeaders event handler you are passed all headers including the verb line (the one with GET and the URL). You can replace "??" (two question marks) with one in that line. That should solve the problem and will let you continue without making a build.
#30120
Posted: 07/22/2014 11:24:33
by Walter Schrabmair (Priority Standard support level)
Joined: 05/03/2013
Posts: 150

Quote
Eugene Mayevski wrote:
There exists a workaround that you can use:

in OnPreparedHeaders event handler you are passed all headers including the verb line (the one with GET and the URL). You can replace "??" (two question marks) with one in that line. That should solve the problem and will let you continue without making a build.


ok, I have done this in the event handler:
Code
  for i:=0 to Headers.Count-1 do
    Headers.Strings[i]:=StringReplace(Headers.Strings[i], '??', '?',[rfReplaceAll, rfIgnoreCase]);


Now it works without Fiddler in the middle. Please include the replace of ?? in the accoring source file for the next release. thanks
#30121
Posted: 07/22/2014 11:39:12
by Eugene Mayevski (EldoS Corp.)

Fiddler probably removed the excessive question mark itself, that's why it worked. I am glad that the issue is solved for now, and the permanent fix will be available a bit later, when we have more improvements to release.


Sincerely yours
Eugene Mayevski
#30123
Posted: 07/22/2014 12:02:39
by Walter Schrabmair (Priority Standard support level)
Joined: 05/03/2013
Posts: 150

Yes thanks for your help. But this bug is serious! We hope that on weekend the new release will come.
best regards
walter
Also by EldoS: CallbackFilter
A component to monitor and control disk activity, track file and directory operations (create, read, write, rename etc.), alter file data, encrypt files, create virtual files.

Reply

Statistics

Topic viewed 3738 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!