Can I access pages for logged users with curl?

netteman

Hi,

is it OK to access pages for logged users on a website powered by Nette (my website) from another Nette web app (running on my laptop) using curl

or

is the target Nette web app going to kind of “fight back”? The docs say there is some protection against session attacks
https://doc.nette.org/…y-protection#…

The curl method would look something like this:

public function openPageForLoggedUsers(string $url, string $phpses){

	/* here's a selection of the curl commands */
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_COOKIE, 'PHPSESSID='.$phpses);
	$curl_exec = curl_exec($ch);

	/*parse some information from the curl_exec and return them*/
}

Thanks :)

Last edited by netteman (2019-08-05 17:28)

Kamil Valenta

I think that's a not good idea. Try to use some kind of API and get a data in JSON or XML.

Last edited by kamil_v (2019-08-05 19:59)

netteman

@kamil_v I should have been more specific about the “information” – I had response codes, redirects, etc. in mind

netteman

I found out that:

You can use curl to access pages for logged users without any problems
file_get_contents() can be used to access pages for logged users as well and parsing the response codes and redirects from $http_response_header is easier than from the curl return value :)

Last edited by netteman (2019-08-08 18:26)