HTTP error 411, request must be flagged or have content length
I am trying to log into a remote website but I am getting below code error "HTTP Error 411, Request must be flagged or have content length".
$username = "psker";
$password = "Admin123";
$url="https://192.18.11.33/Login.aspx?FromMasterLogin=true";
$postinfo = 'txtUserName='.$username.'&txtpassword='.$password.'&txtUserName_ClientState={"enabled":true,"emptyMessage":""}&txtpassword_ClientState={"enabled":true,"emptyMessage":""}&btnLogin_ClientState&btnClearSession_ClientState&rdwindowForget_ClientState&rdwindowEnforce_ClientState&rdWindowPublicNewsAlerts_ClientState&RadWindowManager1_ClientState';
$cookie_file_path = "/cookies.txt";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
$headers = array(
"Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8",
"Accept-Encoding:gzip, deflate, br",
"Accept-Language:en-US,en;q=0.8",
"Cache-Control:max-age=0",
"Connection:keep-alive",
"Content-Length:1025",
"Content-Type:application/x-www-form-urlencoded"
);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($ch, CURLOPT_COOKIEFILE, $cookie_file_path);
curl_setopt($ch, CURLOPT_REFERER, $_SERVER['REQUEST_URI']);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postinfo);
curl_exec($ch);
curl_setopt($ch, CURLOPT_URL, "https://192.18.11.33/RGCS/Default.aspx?dd=0");
$html = curl_exec($ch);
echo $html;
curl_close($ch);
Following are the original login page headers:
Request URL:https://192.18.11.33/Login.aspx?FromMasterLogin=true
Request Method:POST
Status Code:302 Found
Remote Address:192.18.11.33:443
Referrer Policy:no-referrer-when-downgrade
Response Headers
view source
Cache-Control:private
Content-Length:34153
Content-Type:text/html; charset=utf-8
Date:Sat, 15 Apr 2017 09:37:35 GMT
Location:/RGCS/Default.aspx?dd=0
Server:Microsoft-IIS/8.5
Set-Cookie:ASP.NET_SessionId=spw3wky1bsdz0mrwzzojg504; path=/; HttpOnly
X-AspNet-Version:4.0.30319
X-Powered-By:ASP.NET
Request Headers
view source
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Encoding:gzip, deflate, br
Accept-Language:en-US,en;q=0.8
Cache-Control:max-age=0
Connection:keep-alive
Content-Length:1025
Content-Type:application/x-www-form-urlencoded
Cookie:ASP.NET_SessionId=
DNT:1
Host:192.18.11.33
Origin:https://192.18.11.33
Referer:https://192.18.11.33/Login.aspx?FromMasterLogin=true
Upgrade-Insecure-Requests:1
User-Agent:Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Query String Parameters
view source
view URL encoded
FromMasterLogin:true
Form Data
view source
view URL encoded
__EVENTTARGET:btnLogin
__EVENTARGUMENT:
__VIEWSTATE:/wEPDwULLTEzNDc1MTg5NDRkGAIFHl9fQ29udHJvbHNSZXF1aXJlUG9zdEJhY2tLZXlfXxYGBQhidG5Mb2dpbgUPYnRuQ2xlYXJTZXNzaW9uBRFSYWRXaW5kb3dNYW5hZ2VyMQUOcmR3aW5kb3dGb3JnZXQFD3Jkd2luZG93RW5mb3JjZQUYcmRXaW5kb3dQdWJsaWNOZXdzQWxlcnRzBQpyYWRDYXB0Y2hhDxQrAAIFJDcxZmM0ZThmLTRlYTktNDE2Mi1hZTM4LWE0ZmNkNzM0NzY3ZgYAAAAAAAAAAGTJGSQTauu1xAgiX10rd7/Zci9sJhXV9Ilqy4HDolIBqg==
__EVENTVALIDATION:/wEdAAci11URbCuVmlO2wf1gC0M7Y3plgk0YBAefRz3MyBlTcJxpWckI3qdmfEJVCu2f5cGinihG6d/Xh3PZm3b5AoMQf2Dr69OxAarGhVFbQWZWFpd+ecw9lQ5sg8SY03yGmgNKhPS/+yQ5+zLwEb8uDfAwho9uEQI2joMICVOBiz0yDgel4nUaIRbrrP5r1YBnzqE=
txtUserName:psibmaker
txtUserName_ClientState:{"enabled":true,"emptyMessage":""}
txtpassword:Admin!@123
txtpassword_ClientState:{"enabled":true,"emptyMessage":""}
btnLogin_ClientState:
btnClearSession_ClientState:
rdwindowForget_ClientState:
rdwindowEnforce_ClientState:
rdWindowPublicNewsAlerts_ClientState:
RadWindowManager1_ClientState:
So my problem is "the request must be flagged or have content length".
Can anyone help me? Thanks for reading.
source to share
The server will not accept requests without a Content-Length header. I see you have specified it in your headers as 1025. This length should be the number of bytes after the headers, the body itself. Is 1025 correct since you have it hardcoded? The existence of a content-length header indicates the presence of a message body (and the exact (octet) byte of its length, or the connection will close after this amount)
According to https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
"The Object-Header Field Content-Length indicates the size of the entity-body, in decimal OCTET, sent to the recipient or in the case of the HEAD method, the size of the entity-body that was sent if the request was GET."
I also notice that you are using "Content-Type: application / x-www-form-urlencoded", in which case, consider the length of the content to be the length of the url-encoded form / any data.
Hope this helps!
source to share