Sending data from the form

Question

authorization page code:

<!-- $(if chap-id) --> <form name="sendin" action="{{ link_login_only }}" method="post"> <input type="hidden" name="username" /> <input type="hidden" name="password" /> <input type="hidden" name="dst" value="{{ link_orig }}" /> <input type="hidden" name="popup" value="true" /> </form> {% load staticfiles %} <script type="text/javascript" src="{% static "js/md5.js" %}"></script> <script type="text/javascript"> <!-- function doLogin() { document.sendin.username.value = document.login.username.value; document.sendin.password.value = hexMD5({{ chap_id }} + document.login.password.value + {{ chap_challenge }}); document.sendin.submit(); return false; } //--> </script> <!-- $(endif) --> <!-- removed $(if chap-id) $(endif) around OnSubmit --> <form name="login" action="{{ link_login_only }}" method="post" onSubmit="return doLogin()" > <input type="hidden" name="dst" value="{{ link_orig }}" /> <input type="hidden" name="popup" value="true" /> <table width="100" style="background-color: #ffffff"> <tr><td align="right">login</td> <td><input style="width: 80px" name="username" type="text" value="{{ username }}"/></td> </tr> <tr><td align="right">password</td> <td><input style="width: 80px" name="password" type="password"/></td> </tr> <tr><td> </td> <td><input type="submit" value="OK" /></td> </tr> </table> </form> <script type="text/javascript"> <!-- document.login.username.focus(); //--> </script>

link_login_only this http://10.0.10.1/login data from the server 10.0.10.2 is sent to the microtic with the address 10.0.10.1, according to all the rules they have to fly away but it was not there, the post request in the packets is not visible at all, only as md5. js static is requested and that's it. Django in the developer mode on port 8000, there is a thought that it is probably worthwhile to put it on nginx and everything will be there - but not a fact. In theory, there could be a hotspot curve setting on a microtic, but when you click send a post, the request does not fly, but it should, so the case is most likely not a matter of microtic settings. (addresses added to walled garden)

The radius of the request server is also not visible, everywhere is silence ...

The entire sheet that you have laid out is absolutely useless - leave only the code responsible for sending and processing requests.
The role of md5.js in sending the form is not clear, tell me what does javascript do there?
md5.js - leaves converts the entered user password to the md5 hash before sending post data.
form name = "login" sends the data, but the doLogin () function intercepts the data and fills in the form form name = "sendin", which it sends further.
It is possible to remove the intermediate form, but it is necessary to encode the password through js.

Igor Igor 988 2 silver marks 25 bronze marks · Answer 1 · 2016-08-11T20:31:57

The easiest option is to remove ajax leaving only the form itself that will be sent.

  <form name="sendin" action="{{ link_login_only }}" method="post"> <input type="input" name="username" /> <input type="hiden" name="password" /> <input type="input" name="pass" onchange="document.sendin.password.value = hexMD5({{ chap_id }} + document.sendin.pass.value + {{ chap_challenge }})"/> <input type="hidden" name="dst" value="{{ link_orig }}" /> <input type="hidden" name="popup" value="true" /> <input type="submit" value="OK" /> </form>

The password field is hidden, instead the pseudo field from which the value is taken, processed by the script and substituted

Sending data from the form

1 answer 1

More articles: