INDY - I really need cookies here?

Question

I'm developing a project to auto-login in my router administration page... But it use cookies in the source code. When I do a GET with my web browser (Chrome), I get this:

GET http://192.168.1.1/ HTTP/1.1
Host: 192.168.1.1
Proxy-Connection: keep-alive
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.116 Safari/537.36
Accept-Encoding: gzip,deflate,sdch
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.6,en;q=0.4
Cookie: FirstMenu=Admin_0; SecondMenu=Admin_0_0; ThirdMenu=Admin_0_0_0; Language=en

And when I'm doing a GET with Indy the result is:

GET http://192.168.1.1/ HTTP/1.1
Host: 192.168.1.1
Accept: text/html, */*
Accept-Encoding: identity
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV2)

Ok, I want to login doing a POST in the url same way that the HTML form does, passing the same parameters, but as result, I get one page saying 'Unknown Error'... Here is when I'm doing the POST in my Chrome browser:

POST http://192.168.1.1/index/login.cgi HTTP/1.1
Host: 192.168.1.1
Proxy-Connection: keep-alive
Content-Length: 34
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Origin: http://192.168.1.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.116 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: http://192.168.1.1/
Accept-Encoding: gzip,deflate,sdch
Accept-Language: pt-BR,pt;q=0.8,en-US;q=0.6,en;q=0.4
Cookie: SessionID_R3=479900075; FirstMenu=Admin_0; SecondMenu=Admin_0_0; ThirdMenu=Admin_0_0_0; Language=en

Username=admin&Password=YWRtaW4%3D

Here is the post in my project with Indy:

POST http://192.168.1.1/index/login.cgi HTTP/1.0
Content-Type: application/x-www-form-urlencoded
Content-Length: 36
Proxy-Connection: keep-alive
Host: 192.168.1.1
Accept: text/html, */*
Accept-Encoding: identity
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV2)

Username=admin&Password=YWRtaW4%3D

Okay, I'm almost sure that i'm getting this 'unknown error' because of the cookies. But they are really needed here? And how I'll setup them? I tried with cookies manager but no success, and I'm in Delphi 2010, dont know if Cookies Manager from Indy works fine in this version. Here is the code of my project:

 http := TIDHttp.Create(nil);
  PostData:= TStringList.Create;
  AnswerData:= TStringStream.Create('');
  http.ReadTimeout := 5000;
  http.Request.UserAgent:='Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV2)';
  http.ProxyParams.ProxyServer:= '127.0.0.1';
  http.ProxyParams.ProxyPort:= 8080;
  PostData.Text:= 'Username=admin&Password=YWRtaW4=';
  try
    http.Post('http://192.168.1.1/index/login.cgi', PostData, AnswerData);
  except
    on E: EIdHTTPProtocolException do
      begin
        HttpCode:= HTTP.ResponseCode;
        HttpHeader:= HTTP.Response.RawHeaders.Values['Server'];
      end;
  end;
  Memo1.Lines.Add(AnswerData.DataString);
end;

Answer 1

In this case, I just created one 'fake' cookie just passing in the header the same parameters as browser does... The router page used javascript cookies, so Indy could not work with them, I'll need to add them manually if necessary. But for me worked in this way:

http.Request.CustomHeaders.Text:= 'Cookie: FirstMenu=Admin_0; SecondMenu=Admin_0_0; ThirdMenu=Admin_0_0_0; Language=en';

I just put the cookie as header, in fact I have no cookie manager, only this fake header... For me it solved.

Answer 2

The web browser's requests are including a previously received cookie that you obviously have not received yet. You need to start at the same starting page that the web browser started at to receive the cookie. Also, because you are sending multiple requests, you need to make sure that you are re-using the same TIdCookieManager instance every time, so that cookies persist between requests. If you do not assign a TIdCookieManager to the TIdHTTP.CookieManager property, TIdHTTP creates one internally, so you either need to re-use the same TIdHTTP for each request, or you need to create a single TIdCookieManager that you assign to each TIdHTTP you create.