How to POST and GET on a https web page

Question

I've been using the example code in the unity documents to send and get high score data from a php file on a server. I use the header to store the authorization key to access that file and it works a charm.

Now I tried the same thing for a different php file for the login server and it doesn't work. The authorization key is correct because I've tested it in a browser and it returns some information but in-game the server just times out waiting for a POST request.

The server admin claims that there have been no access attempts logged so it must be stumbling right after accepting the authorization key, if I remove the secret key then the server returns straight away with an unauthorized access message.

Has anyone else had this problem? Is there another way to POST or GET on a server with or without using the unity WWW class.

I've tried using unity 3 and have changed www.data to www.text but it still doesn't work. Is there any new functions on the latest WWW class?

This is for iPhone if it makes any difference.

Code:

var state : LoginState; var secretKey : String = "user:mySecretKey";

function Login(USERNAME : String, PASSWORD : String){ 
 // Create a Web Form var form = new WWWForm(); form.AddField("Username", USERNAME); form.AddField("Password", PASSWORD);

 var headers=form.headers;
 var rawData=form.data;

 print("Username : " + USERNAME + " Password : " + PASSWORD);

 // Add a custom header to the request.
 // In this case a basic authentication to access a password protected resource.
 headers["Authorization"]="Basic " + System.Convert.ToBase64String(System.Text.Encoding.ASCII.GetBytes(secretKey));

 // Post a request to an URL
 var www = new WWW(validateURL, rawData, headers);
 yield www;

 if(www.error) {
     print("There was an error posting the high score: " + www.error);
     state = LoginState.loginFailed;
 }else{
     print(www.text);
     if(www.text[0] == "&lt;"){
         state = LoginState.timedOut;    
     }else{
         state = LoginState.loginSuccess;
     }
 }

}

Answer 1

Answer by Simon Wittber · Mar 03, 2011 at 02:42 AM

UnityWeb might help you. It now supports HTTPS, and can do custom GET POST HEADERS the works. :-)

Add comment · Show 1 · Share

BerggreenDK · May 22, 2011 at 11:26 PM 0

Share

Yup, looks very interesting. Will try that too.

Answer 2

Answer by jtbentley · Sep 07, 2010 at 01:06 PM

function postScore(name, score) { //This connects to a server side php script that will add the name and score to a MySQL DB. // Supply it with a string representing the players name and the players score. var highscore_url = addScoreUrl + "name=" + WWW.EscapeURL(name) + "&score=" + score;

 // Post the URL to the site and create a download object to get the result.
 hs_post = WWW(highscore_url);
 yield hs_post; // Wait until the download is done
 if(hs_post.error) {
     print("There was an error posting the high score: " + hs_post.error);
 }

}

This is something I'm using atm, works a treat. Of course there's also a lot of additional checking etc in headings for security etc.

Add comment · Show 1 · Share

spinaljack · Sep 07, 2010 at 10:15 PM 0

Share

The security bit is the important part, the above code works for every site except this one as it has an odd login requirement. I used the same code for a different website with a login and it worked. I'm half certain it's to do with the server side but I'm curious if there's alternative client methods.

Answer 3

Answer by 3j- · Dec 21, 2012 at 02:11 AM

Saw this on another answers page. You can't modify a WWWForm's headers directly, you have to create your own:

(C#)

 var form = new WWWForm();
 form.AddField( "SomeKey", "SomeValue" );
         
 var headers = new Hashtable();
 headers["SomeHeaderKey"] = "SomeHeaderValue";
 
 var www = new WWW( url, form.data, headers );

Add comment · Share

Answer 4

Answer by urfx · Mar 28, 2014 at 01:12 PM

looks like you never get the user input values applied to the String secretKey , you print them to the console but you don't create a valid secretKey string before you base64 encode.

try insert this on line 12.

 secretKey = USERNAME + ":" + PASSWORD;

or if you just want to test your username and password are correct...

try create a script like below and add it to the camera of a new scene... fill in the username and password and click play

 var USERNAME : String;
 var PASSWORD : String;
 
 function Start () {
 
 var form = new WWWForm();
 
 form.AddField("Username", USERNAME);
 form.AddField("Password", PASSWORD);
 
 var headers = form.headers;
 var rawData = form.data;
 var url = "your:url-goes-here";
 var secretKey : String = USERNAME + ":" + PASSWORD;

 headers["Authorization"]="Basic " + System.Convert.ToBase64String(
     System.Text.Encoding.ASCII.GetBytes(secretKey));

 var www = new WWW(url, rawData, headers);
 yield www;
 
     if(www.error) {
         print("There was an error: " + www.error);
     }else{
         print(www.text);
     }
 
 }

Add comment · Show 1 · Share

urfx · Mar 28, 2014 at 02:26 PM 0

Share

by the way I needed to test both GET and POST scenarios for both HTTP and HTTPS...

the use of form data sets the default to POST and some login pages may in fact be expecting the GET method. in this scenario I had to do this

 var www = new WWW(url, null, headers); // setting form data to null tells Unity WWW class you want to use GET method and not POST

How to POST and GET on a https web page

4 Replies

Your answer

Follow this Question

Related Questions