This topic has been archived. It cannot be replied.
-
工作学习 / 学科技术讨论 / [Q]how to download files using HttpWebRequest via ssl (https). Thanks
-carletonwong(自己修车);
2008-6-6
(#4488421@0)
-
Try WebClient.DownloadFile Method.
-readonly(ReadOnly);
2008-6-6
(#4488446@0)
-
Check you email please?
-carletonwong(自己修车);
2008-6-6
(#4488505@0)
-
具体我没做过,主要没有SSL环境,按.NET文档,对.NET程序员是没有区别的,只要用https代替http就行了。
-readonly(ReadOnly);
2008-6-6
(#4488666@0)
-
I implemented samiliar request before. the difficult part is certificate. If the server doesn't require client certificate, that should be easy.
-holdon(again);
2008-6-6
(#4488562@0)
-
[Q]do you mean that not all https require client certificate?Could you email me your sample code please? (https/ssl).
Do you know where to find the downloaded client certificate please? (I can
navigate the web sites using IE browser). I need to get the certificate and save
to a file before I can loaded it in my code.
Thanks
carletonwong@yahoo.com
-carletonwong(自己修车);
2008-6-6
{296}
(#4488865@0)
-
most ssl server doesn't require client certificate. they only has a server certificate to prove they can be trusted.
-holdon(again);
2008-6-6
{1068}
(#4489039@0)
-
Here is my confusion
-carletonwong(自己修车);
2008-6-8
{557}
(#4490559@0)
-
certificate is not for encryption, it's for identification. you only need a key to encrypt data. as long as only server and client know the key, nobody else can decrypt it.
-holdon(again);
2008-6-8
{1188}
(#4490678@0)
-
webrequstYes, my situation is log to the website using https and navigate one or two pages before downloading the files (all https/ssl). What I understood is that information from my computer
to the website is encrypted and vice versa all infromation from the server to my machine are
encrypted as well.
{Q] where do I get the key?
-carletonwong(自己修车);
2008-6-8
{327}
(#4491466@0)
-
short Answer: you don't need to care.
-holdon(again);
2008-6-8
{629}
(#4491583@0)
-
How to send a client certificate by using the HttpWebRequest and HttpWebResponse classes in Microsoft Visual C# .NET
-readonly(ReadOnly);
2008-6-9
(#4492346@0)
-
From my understating
-deep_blue(BLUE);
2008-6-9
{694}
(#4492199@0)
-
use "wget" if you didn't mean to write your own program
-lachom(注册啦 (免费的)!);
2008-6-9
(#4492204@0)
-
yes, if no login is required, wget could be a easy solution. it has all the functions for https:--no-check-certificate, --certificate=FILE,--private-key=FILE,--header=STRING
-holdon(again);
2008-6-9
(#4492668@0)
-
[Q]Thanks for all previous discussion. Reorganize my question
-carletonwong(自己修车);
2008-6-9
{1016}
(#4493024@0)
-
You can start with a non ssl site, sent it a sequence of HTTP POST, parse the response result.
-holdon(again);
2008-6-9
{537}
(#4493252@0)
-
回你的贴兼回楼主吧a: encrpt/decrpt由SSL实现。
b:如果server端authentication 是Form, 用HttpWebRequest.CookieContainer Property;
如果server端authentication 是Windows, 用HttpWebRequest.Credentials Property ;
关于如何用HttpWebRequest发送POST的请求,去GOOGLE吧。
说点题外话,用SSL,说明安全要求比较高,要我做就会只允许browser访问,所以有可能是不让HttpWebRequest访问的。
-readonly(ReadOnly);
2008-6-10
{355}
(#4493560@0)
-
how can you "only allow browser" access? web server only identify client by header and you can put any header in your request. a Opera brower can claim it's IE, so does HttpWebRequest.
-holdon(again);
2008-6-10
(#4493579@0)
-
从安全性的角度,HttpRequest.UserAgent Property 应该是不好修改的,有人能改就是黑客技术了。
-readonly(ReadOnly);
2008-6-10
(#4493604@0)
-
it doesn't need any hacker skill, even wget can do it. there is no way web server can really tell who is on the other side. it could be even telnet client for http.for https, not 100% sure about httpwebrequest ( but I think it shouldn't be a problem, it's just a header above all) , but at least sslClientStream can send anything I want.
-holdon(again);
2008-6-10
{175}
(#4493644@0)
-
关于黑客,一是指黑客技术,二是指用黑客软件。我回答的是关于如何名门正派地设计软件,对于你关于如何冒名是另外一个话题。看看你回答的问题都是啥,满嘴跑火车。
-readonly(ReadOnly);
2008-6-10
(#4493678@0)
-
couln't understand since when changing header become hacker technology.
-holdon(again);
2008-6-10
(#4493683@0)
-
and wget is a hacker software i suppose?
-holdon(again);
2008-6-10
(#4493687@0)
-
HttpWebRequest.UserAgent Property public string UserAgent {get; set;}[C#] Gets or sets the value of the User-agent HTTP header. how difficult is that? Hacker tech???
-holdon(again);
2008-6-10
(#4493704@0)
-
哈哈,查了查,是可以的修改HttpWebRequest.UserAgent Property ,我指出你那么多错,估计你也心成不服,让你扳回一局,应该是心里平衡一些。
-readonly(ReadOnly);
2008-6-10
(#4493725@0)
-
yeah, right.
-holdon(again);
2008-6-10
(#4493728@0)
-
想了想,还是可以做到的,在login网页里藏动态生成安全认证字符串(或藏在cookie里),并且只认可postback的login,这样只能从browser里登陆。
-readonly(ReadOnly);
2008-6-10
(#4493830@0)
-
yes, you are partly right for the dymamic string, but it must be image. any string in cookie ,or require POST BACK login should be peice of cake for "senior hacker" or intermidiate web developer.
-holdon(again);
2008-6-10
(#4493863@0)
-
实现是肯定没问题,初级就可以,展示一下你如何用HttpWebRequest的风采吧。
-readonly(ReadOnly);
2008-6-10
(#4493922@0)
-
I agree using CookieContainer though the server is not IIS. Credentials is only for company domains. This server is public commercial webserver (Internet) and has nothing to do with client application.I wonder if anyone really try his/her proposal using an Internet https/ssl server.
More advice is appreciated.
-carletonwong(自己修车);
2008-6-10
{113}
(#4493950@0)
-
Simple web File download in VB.NET
-readonly(ReadOnly);
2008-6-10
(#4494197@0)
-
POST WebRequest
-readonly(ReadOnly);
2008-6-10
(#4494199@0)
-
跟我前面说的,可能HttpWebRequest行不通(server端安全性的机制)。要是能行但你还是做不出来,我觉得你吃这碗饭很累。
-readonly(ReadOnly);
2008-6-10
(#4494208@0)
-
It may be some other reasons rather than SSL.
-deep_blue(BLUE);
2008-6-11
{744}
(#4495658@0)
-
诚心请教,能否贴点代码关于 Credentials can be used for Forms authentication (it’s used by most internet application.)
-readonly(ReadOnly);
2008-6-11
(#4495715@0)
-
Really? That's something new to know. Thanks, I will check how it work later.
-holdon(again);
2008-6-11
{1330}
(#4495733@0)
-
HttpWebRequest.Credentials Property: Supported authentication schemes include Digest, Negotiate, Kerberos, NTLM, and Basic.
-readonly(ReadOnly);
2008-6-11
(#4495745@0)
-
The solution in C++. Although the sample code is about soap, it is easy to change it to handle https. If cookie was used by website, just looking for them in raw http headers and add them when sending request later.
-liquid(豆泡松果 之 松果豆泡);
2008-6-11
(#4496622@0)