0

I'm trying to fetch a page after a redirect, but I'm getting a 401 status in the response.

async function getPage(cookie, jsid) {
let params = {
    method: "GET",
    headers: {
        cookie: jsid,
        Cookie: cookie,
        "content-type": "text/html; charset=utf-8",
        "User-Agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36"
    },
    credentials: "include",
    redirect: "follow",
};

console.log("3333333", params)

await fetch('https://portal.elpts.ru/portal', params)
    .then(res => { console.log("11111", res) })
    .then(text => console.log("22222", text))
    .catch(err => console.error("error: " + err))

}

I am getting cookies and jsessionid through other requests, they are coming correctly. I reproduced this request through the insomnia application and it correctly returned 200. This is the request code from the app:

async function test() {
  const FormData = require('form-data');
  const fetch = require('node-fetch');
  const formData = new FormData();


  let url = 'https://portal.elpts.ru/portal';

  let options = {
    method: 'GET',
    headers: {
      Cookie: 'csrf-token-name=csrftoken; csrf-token-value=1725ec8f21b4ebe5015ce5b7c82c88bf378087f0dec427fa2dfb10d0de6ad93a74b8e3f2abb8edeb;  JSESSIONID=sp-rf-app-portal-2c~D2D8E12880DD51810AB42BCAB7F4EEA5',
      'content-type': 'multipart/form-data; boundary=---011000010111000001101001',
      cookie: 'JSESSIONID=sp-rf-app-portal-2c~D2D8E12880DD51810AB42BCAB7F4EEA5; '
    }
  };

  options.body = formData;

  fetch(url, options)
    .then(res => res.json())
    .then(json => console.log(json))
    .catch(err => console.error('error:' + err));

} And this is the response I get: enter image description here

I am using isomorphic-fetch but node-fetch gives the same result.

lian. lun
  • 115
  • 1
  • 1
  • 9
  • The `cookie: jsid` inside your request headers appears to send a wrong value, according to your screenshot - that value has the format that a `Set-Cookie` header should have, it includes the Path, HttpOnly and Secure options. – CBroe Nov 10 '22 at 12:07
  • The name=value token for the session ID is contained in what you pass via `Cookie: cookie` already - so `cookie: jsid` should simply be removed at this point. – CBroe Nov 10 '22 at 12:09
  • @CBroe This also returns 401. And the cookie has ``` Max-Age=21600, Path=/, secure``` – lian. lun Nov 10 '22 at 12:14
  • Your second code appears to add a request body (albeit an empty one, because I don't see you _populating_ that FormData instance with anything.) And it sends `content-type: multipart/form-data; boundary=...`, whereas your first one sends `content-type: text/html; charset=utf-8` – CBroe Nov 10 '22 at 12:34
  • FormData cannot be used for GET/HEAD requests. And for POST requests, it adds body: PassThrough { _readableState: [ReadableState], _events: [Object: null prototype], _eventsCount: 2, _maxListeners: undefined, _writableState: [WritableState], allowHalfOpen: true [Symbol(kCapture)]: false, [Symbol(kCallback)]: null }, – lian. lun Nov 10 '22 at 12:41
  • @CBroe content -type can be changed, but the response remains 401 – lian. lun Nov 10 '22 at 12:43

1 Answers1

0

It is necessary to separate getting the JSESSIONID and getting the page itself. The default is redirect: 'follow' , so when getting the jsid, you need to specify redirect: 'manual'

async function getJsid(cookies) {
return await getData('https://portal.elpts.ru/portal/', {
    method: 'GET',
    headers: {
        'Content-Type': 'text/html; charset=utf-8',
        'Cookie': cookies,
        'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
        'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36'
    },
    redirect: 'manual',
}).then(async res => {
    return res.headers.get('set-cookie')
})

}

async function getPage(cookies, jsId) {
const page = await getData('https://portal.elpts.ru/portal', {
    method: "GET",
    headers: {
        'Cookie': cookies + '; ' + jsId
    },
    redirect: "follow",
});
return await page.text();

}

lian. lun
  • 115
  • 1
  • 1
  • 9