How do I submit the same data to a web page from Applescript, but with it in “POST” format?
The URL would then be:
“http://www.madeupsite.com/index.php”
and the data would be:
lang=en
number=345
It stops users from fiddling with the URL in the browser window and messing things up!
I’ve spent most of today trying to work this one out!
Any ideas?
URL Access only seems to download/upload things. It doesn’t actually open a live browser window.
Well, the problem is that to open a web page that is the result of a POST transaction requires the browser to support the opening event. Internet Explorer actually supports opening a URL with POST data attached:
OpenURL: Retrieves URL off the Web.
OpenURL string -- Fully-qualified URL
[to file specification] -- Target file for saving downloaded data
[toWindow integer] -- Target window for resource at URL (-1 for top window, 0 for new window)
[Flags integer] -- Valid Flags settings are: 1-Ignore the document cache; 2-Ignore the image cache; 4-Operate in background mode.
[FormData anything] -- data to post
[MIME Type string] -- MIME type of data being posted
I’m not the biggest fan of Internet Explorer, but that may be what you need to do. Hmmm… wait… Another idea would be to create a local temp html file that has the form fields (invisible, of course), open that file with Safari, send Javascript to fill out and submit that form. You could probably make that temp page only say something like “Loading page…” so the user will wait for the result page to show. Then you could use any browser that supports receiving javascript commands: Safari, IE, OmniWeb, and iCab. Mozilla claims to, but Do Javascript does not work.
I managed to get the app to store a html page inside itself, then write the variables to it with a few search and replace routines and then open the html page in the default browser! That way there aren’t any stray files floating around and it’s something I have some control over!
Only needs the user to click one button in the browser and it’s plain sailing from then on!
Perhaps the UNIX command curl might be of some use? It supports POST and may be called by an AppleScript do shell script command. You could use it to capture the HTML output to a temporary file.
However there are other ways, besides using POST, to address your concern that the user has tampered with the data in the URL. In fact, using POST really doesn’t add very much security. It’ll keep the average user (using only a web browser) from changing the data, but a more advanced user with a tool like curl can easily forge the data.
One solution is to use a salt and checksum approach; if the user has tampered with the URL, you’ll know it. Do a Google on salt and checksum for more complete info on this technique. Basically, you want to take your data, add a number (or text) known to you but not the user to it, and perform a checksum on it. Since the user doesn’t know the salt, they can’t reproduce the checksum if they alter the data. There are UNIX tools available to MacOS X for checksuming, such as cksum and md5.