Old 18th October 2018, 11:14   #521
KnightRiderX
Junior Member
 
Join Date: Oct 2018
Posts: 6
Hello Everyone.

I'm having SendRequest Error if checking some sites.
For example, I'd like to get headers:

inetc::head /SILENT "https://35.169.75.153/" "D:\0.txt" /END
-> SendRequest Error

That's a random site - www.quora.com - I need smth else but anyway...
Also if I try this:

inetc::head /SILENT "https://www.quora.com/" "D:\0.txt" /END
-> Access Forbidden (403)

Please, help would be appeciated.
KnightRiderX is offline   Reply With Quote
Old 18th October 2018, 12:58   #522
Anders
Moderator
 
Anders's Avatar
 
Join Date: Jun 2002
Location: ${NSISDIR}
Posts: 5,163
https://35.169.75.153/ does not work in a modern browser either, it will not be able to match the certificate to the host. Adding the /WEAKSECURITY INetC option might be able to work around that.

403 is "The server understood the request, but is refusing to fulfill it. Authorization will not help and the request SHOULD NOT be repeated."

IntOp $PostCount $PostCount + 1
Anders is offline   Reply With Quote
Old 18th October 2018, 13:06   #523
KnightRiderX
Junior Member
 
Join Date: Oct 2018
Posts: 6
No, /WEAKSECURITY not working.
I guess I need 0x3300 flag to be set.
Is there any instruction of how to compile Inetc project?
KnightRiderX is offline   Reply With Quote
Old 18th October 2018, 13:15   #524
Anders
Moderator
 
Anders's Avatar
 
Join Date: Jun 2002
Location: ${NSISDIR}
Posts: 5,163
Quote:
Originally Posted by KnightRiderX View Post
I guess I need 0x3300 flag to be set.
And that is what? No flag is going to fix the 403 I'm guessing.

Quote:
Originally Posted by KnightRiderX View Post
Is there any instruction of how to compile Inetc project?
Depends on your setup of course. In Visual Studio you can probably just create a .dll project and add the source files.

IntOp $PostCount $PostCount + 1
Anders is offline   Reply With Quote
Old 18th October 2018, 13:50   #525
KnightRiderX
Junior Member
 
Join Date: Oct 2018
Posts: 6
Question

Quote:
Originally Posted by Anders View Post
And that is what? No flag is going to fix the 403 I'm guessing.
I just mentioned 403 but my error is SendRequest Error. And I know that I need 0x3300 to be set. I have compiled the project but what should I do to make a .dll? I'm not a C++ guy.
KnightRiderX is offline   Reply With Quote
Old 18th October 2018, 14:14   #526
KnightRiderX
Junior Member
 
Join Date: Oct 2018
Posts: 6
This is URL I need to get data from:

https://35.189.228.145/win64

inetc::head /SILENT /WEAKSECURITY "https://35.189.228.145:443/win64" "D:\0.txt" /END

And still SendRequest Error.
KnightRiderX is offline   Reply With Quote
Old 19th October 2018, 00:16   #527
Anders
Moderator
 
Anders's Avatar
 
Join Date: Jun 2002
Location: ${NSISDIR}
Posts: 5,163
INetC uses the same HTTP library as Internet Explorer. Does that URL work in IE?

IntOp $PostCount $PostCount + 1
Anders is offline   Reply With Quote
Old 2nd March 2019, 19:41   #528
NightWolve
Junior Member
 
Join Date: Mar 2019
Posts: 4
Quote:
Originally Posted by Anders View Post
INetC uses the same HTTP library as Internet Explorer. Does that URL work in IE?
Ah, thanks a lot!! I couldn't get this plugin to work because now I have a "https:" URL to download from! The link works in all browsers and other situations (perl get script), but when I tried it in IE, I got this:



I guess I'll have to research what registry keys were turned off that represent TLS 1.0, TLS 1.1, and TLS 1.2, and set them on during NSIS execution/installation.
NightWolve is offline   Reply With Quote
Old 2nd March 2019, 20:27   #529
NightWolve
Junior Member
 
Join Date: Mar 2019
Posts: 4
FIXED!

The code goes something like this:

code:

!define IE_NETCONFIG "Software\Microsoft\Windows\CurrentVersion\Internet Settings"


Function DownloadFile
ReadRegDWORD $9 HKCU "${IE_NETCONFIG}" "SecureProtocols"
WriteRegDWORD HKCU "${IE_NETCONFIG}" "SecureProtocols" 0x00000A80

inetc::get "https://www.falcom.com/download/support/ys6/Ys6_1202.zip" "$INSTDIR\file.zip"


#do stuff

# Restore IE settings to original value
WriteRegDWORD HKCU "${IE_NETCONFIG}" "SecureProtocols" $9
FunctionEnd



Code "0x00000A80" for the SecureProtocols DWORD value in the IE registry is the default when you reset settings. TLS 1.0, 1.1, 1.2 are all turned on by default.

It's just simple enough to restore the value to whatever it was after you're done using the plug-in. I don't wanna figure out how to AND on the bit to just turn on TLS 1.2 and leave it on... That's the only protocol I needed on for that particular link to work.

I turned a lot of IE settings off cause I don't trust the browser and only use it for testing/development, so that's how I ran into this problem myself. I'm surprised this plug-in has a dependency to IE like this, I would've hoped it just uses the winsock API directly to get the job done, but free is free.
NightWolve is offline   Reply With Quote
Old 2nd March 2019, 23:44   #530
Anders
Moderator
 
Anders's Avatar
 
Join Date: Jun 2002
Location: ${NSISDIR}
Posts: 5,163
Technically, it uses WinINET which is the same internet library IE uses.

Windows 2000 added a new lighter HTTP API. I'm not sure if it also uses the same security settings as IE.

Using winsock directly would mean that we manually would have to handle the encryption and certificates.

IntOp $PostCount $PostCount + 1
Anders is offline   Reply With Quote
Old 6th March 2019, 20:35   #531
sgt-d
Junior Member
 
Join Date: Aug 2001
Location: Earth
Posts: 36
I'm glad to see this topic is still active.

I have tried using these two INetC plugins:

https://nsis.sourceforge.io/Inetc_plug-in
https://github.com/DigitalMediaServer/NSIS-INetC-plugin

In this example I am including the username and password which I think is supposed to send automatically to the proxy server without the pop up Windows/web/whatever authorization screen:

inetc::get /proxy localhost:80 /username wut /password oic "http://download.blah.com/setup.exe" "$instdir\test_setup.exe" /end
pop $0
messagebox mb_ok "$0"

But the auth screen still pops up every time (attached, hopefully, below).

If I don't put in the information the messagebox says "Cancelled" and the download fails.

If I manually type in the username and password in the auth dialog (which is redundant since it was supposed to be passed automatically) the download works and the messagebox says "OK".

I also tried /USERNAME and /PASSWORD but I don't think case matters and I tried /weaksecurity but I don't think that's the right angle anyway.

What am I doing wrong? Any suggestions?

Thank you!


meh.
sgt-d is offline   Reply With Quote
Old 6th March 2019, 20:57   #532
Anders
Moderator
 
Anders's Avatar
 
Join Date: Jun 2002
Location: ${NSISDIR}
Posts: 5,163
Did you read that wiki page?

Quote:
/PASSWORD
Proxy password (http only). For server (http/ftp) authentication it is possible to use URL encoded name and password, for example http://username:password@nsis.sourceforge.net/setup.exe.
Is the dialog for the proxy or the webserver?

/weaksecurity is for HTTPS and certificates, not password authentication.

IntOp $PostCount $PostCount + 1
Anders is offline   Reply With Quote
Old 6th March 2019, 21:09   #533
sgt-d
Junior Member
 
Join Date: Aug 2001
Location: Earth
Posts: 36
The dialog is for the proxy. And thank you for pointing out the /password part. Yes, I did see it but I just assumed it was something possible to do but not really required. If that make sense. I will give it a shot though. I'm sure it will work.

Out of curiosity only, should it work the way I had it originally?

meh.
sgt-d is offline   Reply With Quote
Old 6th March 2019, 21:40   #534
Anders
Moderator
 
Anders's Avatar
 
Join Date: Jun 2002
Location: ${NSISDIR}
Posts: 5,163
I don't have a proxy server I can test on but I assume the INetC author tested it but I'm not 100% sure.

Your syntax looks correct assuming only the proxy requires authentication.

IntOp $PostCount $PostCount + 1
Anders is offline   Reply With Quote
Old 6th March 2019, 22:59   #535
sgt-d
Junior Member
 
Join Date: Aug 2001
Location: Earth
Posts: 36
Correct, only the proxy server requires auth.

The http://user : pass@blah suggestion worked. But you already knew that.

Thanks for your help!

meh.
sgt-d is offline   Reply With Quote
Old 9th March 2019, 12:17   #536
Anders
Moderator
 
Anders's Avatar
 
Join Date: Jun 2002
Location: ${NSISDIR}
Posts: 5,163
Quote:
Originally Posted by NightWolve View Post
I turned a lot of IE settings off cause I don't trust the browser and only use it for testing/development, so that's how I ran into this problem myself.
The settings under the Internet Settings key are for all apps, not just IE. Granted, the settings UI really blurs the line between IE and system.

I did consider writing a WinHTTP plug-in but the current recommendations are:

Quote:
With a few exceptions, WinINet is a superset of WinHTTP. When selecting between the two, you should use WinINet, unless you plan to run within a service or service-like process that requires impersonation and session isolation.

IntOp $PostCount $PostCount + 1
Anders is offline   Reply With Quote
Reply
Go Back   Winamp & Shoutcast Forums > Developer Center > NSIS Discussion

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump