I need to create a WCF application that requests a "recaptcha" and sends it over to a WCF client, as a bitmap. All examples I have found so far are built to display the captcha in a web browser, wheras I need the actual recaptcha image.
The reaason I need to do this is because I need to create a registration screen in a c# WinForms application. Here's how it works:
User opens registration screen through windows application.
Application requests a captcha from WCF server.
WCF server generates and sends captcha.
Application displays captcha and allows user to enter details.
Application sends details and captcha code to server via WCF.
Server sends return code (ie: If registration was successful or if it failed.)
Note that a hosted website is not an option at this point. There is only a WCF server and a WCF client. I have been trying to avoid generating my own captcha and using re-captcha instead, but I have not managed to find a way to download the actual captcha image. Any alternative solutions are welcome.
It's actually quite similar to this:
https://stackoverflow.com/a/12154911/518923
As the answer suggests, use http://www.google.com/recaptcha/api/challenge?k=your_public_key to get the challenge, parse ChallengeValue, then you can get the image via http://www.google.com/recaptcha/api/image?c=challenge_value
Afterwards you can verify the challenge via http://www.google.com/recaptcha/api/verify
Make sure to check the documentation on the subject https://developers.google.com/recaptcha/docs/verify
Shamelessly copied from the linked post, but I will take no credit ;)
Related
I have a program that opens a web browser control and just displays a web page from our server. They can't navigate around or anything.
The users are not allowed to know the credentials required to login, so after some googling on how to log into a server I found this:
http://user_name:password#URL
This is 'hard coded' into the web browsers code. -It works fine.
HOWEVER: Some smart ass managed to grab the credentials by using WireShark which tracks all the packets sent from your machine.
Is there a way I can encrypt this so the users cannot find out?
I've tried other things like using POST but with the way the page was setup, it was proving extremely difficult to get working. -(Its an SSRS Report Manager webpage)
I forgot to include a link to this question: How to encrypt/decrypt the url in C#
^I cannot use this answer as I myself am not allowed to change any of the server setup!
Sorry if this is an awful question, I've tried searching around for the past few days but can't find anything that works.
Perhaps you could work around your issue with a layer of indirection - for example, you could create a simple MVC website that doesn't require any authentication (or indeed, requires some authentication that you fully control) and it is this site that actually makes the request to the SSRS page.
That way you can have full control over how you send authentication, and you need never worry about someone ever getting access to the actual SSRS system. Now if your solution requires the webpage to be interactive then I'm not sure this will work for you, but if it's just a static report, it might be the way to go.
i.e. your flow from the app would be
User logs into your app (or use Windows credentials, etc)
User clicks to request the SSRS page
Your app makes an HTTP request to your MVC application
Your MVC application makes the "real" HTTP request to SSRS (eg via HttpClient, etc) and dumps the result back to the caller (for example,it could write the SSRS response via #HTML.Raw in an MVC View) The credentials for SSRS will therefore never be sent by your app, so you don't need to worry about that problem any more...
Just a thought.
Incidentally, you could take a look here for the various options that SSRS allows for authentication; you may find some method that suits (for e.g Custom authentication) - I know you mentioned you can't change anything on the server so I'm just including it for posterity.
I have very minimal experience with anything web related so apologies if this is a silly question.
I have a Wordpress site with a contact form which users can use to send me a message from the website. The user fills out the form, and it is converted into an email and sent to me.
I would like to have similar functionality from my c# desktop application.
In other words, I am looking for a way to either programmatically invoke the contact form on my website, or to send information to my website, which it will convert into an email and send it to me directly.
What general concepts should I be looking into?
The information typed into the web form is probably sent back to the web server using the HTTP POST method. Essentially the data entered into the web form is converted to name values pairs and sent to the WordPress app. More information on HTTP POST here: HTTP POST (Wikipedia)
To do the same from a C# app, you need to format the data to POST in a similar way and then look at using the HttpWebRequest class. This stackoverflow thread shows an example: HTTP request with POST. If you POST the information to the same URL the web page is using then the server should generate the email.
Just to note as well, if the WordPress app requires you to be logged in before submitting the information, then you'll need to include code to authenticate with the WordPress app within the C# app.
I hope this helps!
A little background... I have a .NET webpage that communicates one way with a service. (using OnCustomCommand()) When the user presses a button, a function is called. Which is all good and dandy, however when the function is done executing I need to be able to send a message, function call, or some communication to the .NET webpage.
Is there a way for my service to call a function, send message or update my .Net webpage?
I've looked around and seen mostly .NET -> Service but nothing seems to go the other way.
EDIT: Its a windows service, and the ASP page and WindowsService reside on the same server.
Have the service write the output to a common area... such as a shared file, or a database. Then refresh the webpage and have it query that file for the response output.
Support more than one user you should have have some session ID that will be used to determine where the output is saved. For example, call a command line parameter with a GUID like this:
Echo This is a test > c:\Some Directory\Session12345.txt
And then have your aspx page query and refresh using a GET like this http://example.com/GetOutput.aspx?Session=12345
From there use ASP to access a file with an appended SessionID in the URL.
You can extend this concept to work with JQuery and WCF as needed. Of course, you will need to add security to this to prevent MITM attacks. But it sounds like this is a small project not connected to the internet so the extra features may not be that important.
Communication can only be done from client to server. Use Ajax/webservice/scriptmethod for retrieving status of service call.
How would I go about doing the following...
I want to build a web service for my application to grab a piece of data from an external website, that requires the user to login. The website has no public API , hence the reason for the scraper.
Is there a library to perform the following functions? or what do I do?
automate fill-in form, auto click
Automate submit button
check which URL the user has landed
on, and redirect user to URL
Grab data from label.
EDIT: what im asking for is there a web service, library etc to make it easier to perform screen scraping/automation functions???
Instead of filling a form and virtually clicking buttons, you should look at the source of the form, and figure out how the data is being submitted. In most cases you can simply send a post request with the log in data. If there is something special besides a simple post request, I use this addon to figure out what requests are being done that you can't see. Using C#, I would use the HttpWebRequest class because it handles cookies for you.
If the website does not ban robots, you can use YQL to simulate everything you need. However, it can be a bit difficult or impossible as you basically have to implement a text-only browser within JS.
I’ve been asked to integrate a windows form application with SagePay to take payments directly from the application. The SagePay documentation talks about ASP.NET so I’m not sure whether this is possible. Has anyone integrated a WinForm application with SagePay before? Is it possible?
I know some payment processors have a connection option where the payment part is hosted on a form on their server. You could try embedding a web browser control into your app to display the payment page.
Usually there is another type of connection option where you can send your information via HttpWebRequest, but I'm not sure that this would work as it requires SSL. Since you are running your app as a desktop client, I'm not sure what you would have available.
I am not sure this is possible given that sagepay needs to redirect users to Mastercard securecode or Verified by Visa, I think they would need to redirect to the bank which then redirects back to a supplied URL. I would think this needs to be within a browser environment.
You can post to urls and get back a response via .net objects and parse the results to display on a form.
You can also ask SagePay to create a Vendor account with 3d secure switched off. This allows you to take payments in house in your winforms app without the customers password however most card vendors if you bypass 3d secure will not protect you if someone calls and uses a card fraudulently.
However it can definitely be done.
You can normally post to secure servers from non secure pages so again this isn't usually an issue.