I am developing a school mobile app that has no access to the school API and so I have tried to scrape data from the school website, CLiC. After pressing the Sign In button, in the response headers there should be a location pointing to the error login page. When I posted some data to the form action url in Insomnia, I couldn't find any headers related to the reroute location.
Here's the data that I posted
{
"lcsrf_token": "1CrcNP9TrLqho8WS+UGA2Tjg5JKV1zjdM3K+quZJKUY=",
"timezoneOffset": -480,
"ptmode": "f",
"ptlangcd": "ENG",
"ptinstalledlang": "ENG",
"userid": "",
"pwd": ""
}
All of the data except for the userid and pwd can be found in the website's html as hidden item.
I have also tested posting with cookies that have exactly same structure as shown in the browser, but the outcome remains the same.
Could someone enlighten me on where did I do wrongly?
The problem here is due to wrong body format specified in
Content-Type: form-url-encodedheader and that's causing the issue.Changing the body to the specified type resolved the issue.