> It'd look something like this.... (snipped directly from some > c++ code of my that grabs RAW posts from browsers /-). Basically > we're talking the bloody annoying MIME format here for encoding > variable fields: > > POST /myform.cfm HTTP/1.1 > Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, > application/vnd.ms-powerpoint, application/vnd.ms-excel, > application/msword, application/x-gsarcade-launch, > application/x-rocketpipe, */* > Referer: http://127.0.0.1/myform.cfm > Accept-Language: en-us > Content-Type: multipart/form-data; > boundary=---------------------------7d1bc210087c > Accept-Encoding: gzip, deflate > User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0) > Host: 127.0.0.1:90 > Content-Length: 243 > Connection: Keep-Alive > Cache-Control: no-cache > Cookie: CFID=1; CFTOKEN=32125070; > > -----------------------------7d1bc210087c > Content-Disposition: form-data; name="myName" > > lsellers > -----------------------------7d1bc210087c > Content-Disposition: form-data; name="submit" > > go > -----------------------------7d1bc210087c--
Fortunately, most HTTP POST requests don't use the MIME type "multipart/form-data". Here's a simpler example using the default POST MIME type, "application/x-www-form-urlencoded". I just captured it using Stretch. You can tell it was captured through a proxy because the Referer header points to the local proxy address: POST /hof/lists/cf_community.cfm HTTP/1.0 Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-powerpoint, application/vnd.ms-excel, application/msword, */* Referer: http://localhost:8080/hof/lists/CF_community.cfm Accept-Language: en-us Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0) Host: localhost:8080 Content-Length: 69 Connection: Keep-Alive Pragma: no-cache Cookie: CFID=99367; CFTOKEN=28414731; CTESTNEVER=1 ListName=CF-Community&[EMAIL PROTECTED]&Action=Subscribe%2C+ As you can see, the name-value pairs in the HTTP request body are simply encoded as they would be within a URL, and separated by ampersands. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ voice: (202) 797-5496 fax: (202) 797-5444 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Get the mailserver that powers this list at http://www.coolfusion.com FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
