I'm trying to use XMLHTTP to log in to a website. I'm just curious as I think I may have stumbled upon a website which has taken measure to prevent automated logins but I'm not sure...
The website is: https://www.nordnet.se/mux/login/startSE.html?cmpi=start-loggain
Looking at the fields: Användarnamn ( Which is "Username") And Lösenord ( Which is "Password" )
We get the following when inspecting the code
For the username
<input type="text" class="form-control lowercase" placeholder="Användarnamn" id="input1" name="05b815966281833f744f3aafe2d8d907" autocomplete="off">
For the password
<input id="pContent" type="password" class="form-control" placeholder="Lösenord" autocomplete="off">
<input id="pContHidden" name="8ed7fbd0d02d475becd85807358088e3" type="hidden" autocomplete="off">
Now everytime one refreshes the website the "name" variable gets changed, this is in effect a measure to prevent people from running xmlhttprequest.send "username=****&password=******" ?
Would one be able to login using the placeholder attributes instead? As they do not change during refresh.
Also, why i there one row wotj input id = "pContent" and one input id= "pContHidden" for the password?
No comments:
Post a Comment