I have read quite a few threads on the subject but need a push in the right direction. I'm attempting to download pdfs from a secure website. I can login with InternetExplorer using vba automation & navigate the web page successfully. This is a requirement because I need to get my list of files & build the URL's. That I can do.
I'm trying to download the files with winnhttp 5.1 & the download code works, if I manually feed it the 6 cookies from fiddler. Here is where I'm stuck on what I think might not be the too hard part. To date I've gotten cookies in two batches. From document.cookie gets me 4, including an authToken. From my winhttp stream I get two http only cookies including an ASP Session id, but i realized eventually that these two are really a different "session". The two http cookies from what i understand will never be exposed within document.cookie. But since I get them in my winhttp stream I think I'm ok there.
This is my first call that nets me the two http cookies
WinHttpReq.Open "POST", strUrl, False
WinHttpReq.setRequestHeader "Cache-Control", "no-cache"
WinHttpReq.setRequestHeader "Referer", "https://atlasbridge.com/default.aspx"
WinHttpReq.setRequestHeader "X-MicrosoftAjax", "Delta=true"
WinHttpReq.setRequestHeader "User-Agent", "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"
WinHttpReq.setRequestHeader "Connection", "keep-alive"
WinHttpReq.setRequestHeader "Accept", "*/*"
WinHttpReq.setRequestHeader "Accept-Language", "en-US"
WinHttpReq.setRequestHeader "Accept-Encoding", "gzip, deflate"
WinHttpReq.setRequestHeader "Host", "atlasbridge.com"
WinHttpReq.setRequestHeader "Content-Type", "application/x-www-form-urlencoded; charset=utf-8"
'uname & password are established earlier in the code & are the correct values
WinHttpReq.SetCredentials UName, Pword, 0
WinHttpReq.Send
I can parse cookies I get back I'm sure. I just need to return the first 4 cookies including the authentication token. I think I'll need to send a few request to the website & then to the reports page (one cookie changes from home page to reports) but since I need user name and password to authenticate how to do i do that in winhttp (or do I use another mwthod). I can login into to the page but that does't get me the http only cookies so I need to authenticate this other way (I assume).
p.s. thread as I captured and parsed cookies and got to this point. How to download file from secure website with WinHTTPRequest.5.1
I've updated the code in the question, but I'm still not sure how to authenticate with winhttp.
the response I get back is(where the two cookies I get, but not the other 4 I need: STATUSCODE:200 OK Cache-Control: private Date: Mon, 28 Jan 2019 19:45:23 GMT Content-Length: 2033 Content-Type: text/html; charset=utf-8 Content-Encoding: gzip Server: Microsoft-IIS/7.0 Set-Cookie: ASP.NET_SessionId=xxxxxxxxxx; path=/; secure; HttpOnly Set-Cookie: NSC_bumbtcsjehf.dpn_TTM_443xxxxxxxxxxxxxxxx;Version=1;Max-Age=2400;path=/;secure;httponly X-AspNet-Version: 4.0.30319 X-UA-Compatible: IE=edge X-Powered-By: ASP.NET Cteonnt-Length: 4489
Also using fiddler I see in text view: ScriptManager1=UpdatePanel1%7CcmdLogin&__EVENTTARGET=&__EVENTARGUMENT=&__VIEWSTATE=6mcXww3ohBjEvWka9jUmRYsQUSnYbYvMovHGR6aC%2BUr5hum9HsnxvbQYFOUuvkWDHWcIz5hftDgGPlmEOUJUqC11qvzFgYZh24%2FDDMPA6e0A7AeaAWc0mRfrrbYjbUeUvPE38g%3D%3D&__VIEWSTATEGENERATOR=CA0B0334&__EVENTVALIDATION=5XlJ8vCmmt4cJhBg5XYEHmCDfdimT2%2FjpQGEczZ7weYVU3RB%2BZzR7pLr2RN%2F6ooiMEnAs6DMB26%2F3fXnRVrNpvT6Qaj62mNxwriRgMUs2WY5e538aZbVQ1dXouLb1cAAnPt%2BOfWGWfumid1o3Eg%2FYOyuvRA%3D&txtUserName=MyUsernamevaluehere&txtPassword=MyPasswordvaluehere&__ASYNCPOST=true&cmdLogin.x=33&cmdLogin.y=15.569999694824218
Fiddler is showing the first "Post" request is XMLHttpRequest. I still am only getting 2 cookies(the same 2).
