Home/ Questions/Q 8191685
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-07T03:58:20+00:00

I’m making an offline webpage that automatically logs into an online website. The website

  • 0

I’m making an offline webpage that automatically logs into an online website.
The website uses ssl (https) and to login it uses a form (post variables)

The problem I’m encountering is the following:
The site only accepts my offline form, when I open the online login page first.
This is because the website uses (server-side) sessions which are made when opening the first page. (The purpose of the session is to detect a time-out)

When I first open the online website and then run my offline page everything works fine.

So I need to make my offline webpage open the online website before posting the form automatically.

I tryed this with an iframe, but this doesn’t work in internet explorer, as it is a https website. (It does work in Chrome, firefox,…)

I was wondering if Ajax could send a https page request before posting my form. But I guess not as it is https.

Does anybody know a method to send a https page request just like the browser does, but without showing it’s output? Afterward I can automatically submit my form.

Thanks in advance!

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Internet Explorer treats iframes from other domains as third party content, and uses a separate set of security policies for them. The security zone settings are also in effect between file:/// “local machine”/”offline” webpages and “internet”/”online” webpages. Cookies are usually blocked from third party content (depending on your settings), which means that the unique session key set in the cookies won’t be saved. Without this key, the site you are trying to log in to will “forget” your session/login.

    Cross-domain AJAX request are also affected by security zones and cross-domain policies, but the settings may differ between IE versions.

    There are ways around the limitations, using P3P policies, if you control the target web page. Cookie blocked/not saved in IFRAME in Internet Explorer shows how. But, if you do own the web page, it would be better to enable or implement your own “remember me” feature.

    In your case, depending on if you are the only one to use your offline autologin webpage, perhaps allowing third party cookies in Internet Explorer will help. See Options > Privacy > Allow all cookies (or in a similar). This will allow others (mostly ad companies) to track you all over the internet though.

    If the purpose for your autologin page is testing, rather than actually using the browser as a human being, perhaps you can automate both logging in and testing?

    • 0