Introducing Quests: Tailored gamification & bridging in-person events with your community Mike Gitkos Yesterday at 12:39 PM1 day
February 8, 20214 yr POST Are you having an issue with the crawler not being able to login, possibly due to CSRF protection? Edited February 8, 20214 yr by Nathan Explosion
February 8, 20214 yr Author 9 minutes ago, Nathan Explosion said: POST Are you having an issue with the crawler not being able to login, possibly due to CSRF protection? Thank you for the response, Nathan. I don't know that I am having a login issue outside of having the wrong login parameter. I initially thought it would be POST but didn't understand why, for both POST and GET that they want an 'equals' parameter for both. When choosing, "Plain HTTP", the 'equals' goes away so I thought it must be that. What is the purpose of the 'equals' for the password and username and should the respective parameters be the same for both sides of the equations? Edited February 8, 20214 yr by My Sharona
February 8, 20214 yr "auth" = the username of the account, "password" = the password for the account.
February 8, 20214 yr Author Thank you, Sir. Much appreciated. I shall afix the parameters to what you have above.
February 10, 20214 yr Author Just a minor follow up here @Nathan Explosion. I don't see where the crawler has logged in (no IP associated with the account). Should a "submit" parameter be included as well? Something like: _processLogin = elSignIn_submit TYIA
February 10, 20214 yr What I posted is what should be used. 2 minutes ago, My Sharona said: _processLogin = elSignIn_submit _processLogin = the NAME of the button on the login button on the login page. usernamepassword = the VALUE of that button elSignIn_submit is the ID for that same button - if you do what you are suggesting it is telling Google to add set the value of _processLogin to elSignIn_submit, which is not going have any effect. The crawler probably tried to login and got a CSRF key - you can read the full background to all this information in
February 10, 20214 yr Author 1 hour ago, Nathan Explosion said: What I posted is what should be used. _processLogin = the NAME of the button on the login button on the login page. usernamepassword = the VALUE of that button elSignIn_submit is the ID for that same button - if you do what you are suggesting it is telling Google to add set the value of _processLogin to elSignIn_submit, which is not going have any effect. The crawler probably tried to login and got a CSRF key - you can read the full background to all this information in Duly noted. Thank you again sir.
