10-09-2004
Bent Stigsen
Re: faking post data

mammothman42@hotmail.com wrote:
> I've copied my bank's login form and saved a copy on my computer.
> However when I try to submit it, I get a 405 method not allowed error.
> Can't for the life of me figure out why, it's posting exactly the same
> data from exactly the same HTML code. Any ideas? It's an https (SSL)
> site.


First a little speech. When you got the error "method not allowed",
didn't some bells and whistles go off in your head, followed by a thought
of "the bank probably doesn't want me to be doing this"? Obviously they
are doing some additional checking to prevent misuse, not just to annoy
people.

Anyway, if you just copied the form and changed action to point to the
appropriate page, then the first obstacle is the referer[sic]-header. I
don't know of any ordinary browser which lets you fake that header, but
you can try CLI-type webclients like wget and curl to explore that.
They (the bank) might require an ongoing session or kind of checksum, so
you would need to check for an id or other data in cookies, URL or
hidden form-fields, which was related to the original login form. I think
both wget and curl can help you there.
And there can be other "things".

As you probably suspect, however they have done it, you would probably
need to write a mediator-script between your local form and the bank's
webserver. PHP has curl extensions which are useful for this purpose.

But seriously, check with the bank first. If they don't mind, they could
give you the information you need. If they do mind, then you shouldn't
be doing it in the first place.

/Bent
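The kinds of server-side checks the reply above describes (Referer/Origin, an existing session, a hidden-field value tied to the served form), sketched from the site operator's side. This is an added example, not part of the original post and not any bank's actual code; the origin `bank.example`, the cookie name `sid`, the field name `form_token` and the HMAC token scheme are all assumptions.

```python
import hashlib
import hmac
from urllib.parse import urlsplit

# All names below are assumptions for illustration, not any real site's values.
SITE_ORIGIN = ("https", "bank.example")  # scheme and host that serve the login form
TOKEN_TTL = 600                          # seconds a rendered form stays valid


def issue_form_token(secret: bytes, session_id: str, now: int) -> str:
    """Hidden-field value: issue time plus an HMAC bound to the session."""
    mac = hmac.new(secret, f"{session_id}|{now}".encode(), hashlib.sha256).hexdigest()
    return f"{now}.{mac}"


def check_login_post(secret, method, headers, cookies, form, now):
    """Return (http_status, reason) for a submission of the login form."""
    if method != "POST":
        return 405, "method not allowed"

    # 1. The request must come from a page on the site's own origin.
    source = headers.get("Origin") or headers.get("Referer") or ""
    parts = urlsplit(source)
    if (parts.scheme, parts.hostname) != SITE_ORIGIN:
        return 403, "foreign or missing Origin/Referer"

    # 2. A session must already exist (set when the form was served).
    session_id = cookies.get("sid")
    if not session_id:
        return 403, "no session cookie"

    # 3. The hidden field must carry a fresh token issued for this session.
    issued, _, mac = form.get("form_token", "").partition(".")
    if not issued.isdecimal() or not 0 <= now - int(issued) <= TOKEN_TTL:
        return 403, "form token missing or expired"
    expected = issue_form_token(secret, session_id, int(issued)).partition(".")[2]
    if not hmac.compare_digest(mac.encode(), expected.encode()):
        return 403, "form token not bound to this session"
    return 200, "ok"


# Constructed sample requests: one from the served form, one from a locally
# saved copy (no matching Origin/Referer and no session cookie).
SECRET = b"constructed-demo-secret"
saved_token = issue_form_token(SECRET, "session-A", 1000)
genuine = check_login_post(SECRET, "POST", {"Origin": "https://bank.example"},
                           {"sid": "session-A"}, {"form_token": saved_token}, 1060)
local_copy = check_login_post(SECRET, "POST", {"Origin": "null"},
                              {}, {"form_token": saved_token}, 1060)
```

Each check fails independently, so a submission that gets past one (for example by carrying a plausible Referer) is still rejected unless the session cookie and the hidden token also match.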