I
inetquestion
I have an HTML form with two input tags (username, password) which
POSTs to login.jsp The problem is that when an error occurs I have no
way to track this back to a specific user in the access logs.
Basically all we have in our logs are entries like this:
0.0.0.0 - - [20/Apr/2009:00:54:53 -0400] "POST /login.jsp HTTP/1.1"
302 -
0.0.0.0 - - [20/Apr/2009:00:55:12 -0400] "POST /login.jsp HTTP/1.1"
500 -
0.0.0.0 - - [20/Apr/2009:01:35:40 -0400] "POST /login.jsp HTTP/1.1"
302 -
Would it be possible to place some non-obtrusive JavaScript in the
page to intercept the form submission and perform the actions below?
Append the user’s login name as a query string parameter along with a
random number when performing the POST to login.jsp. It is understood
the user would have access to mangle the query string if they
desired… The values in the logs would be used for troubleshooting
purposes, nothing more…
• Extract the value of username (testuser)
• Generate a random 8 digit number (12345678)
• Create string: id=testuser-12345678
• Submit form with the string above appended to the POST url as: /
login.jsp?id=testuser-12345678
0.0.0.0 - - [20/Apr/2009:00:54:53 -0400] "POST /login.jsp?
id=testuser-91312978 HTTP/1.1" 302 -
0.0.0.0 - - [20/Apr/2009:00:55:12 -0400] "POST /login.jsp?
id=testuser-07124987 HTTP/1.1" 302 -
0.0.0.0 - - [20/Apr/2009:01:35:40 -0400] "POST /login.jsp?
id=testuser-84565693 HTTP/1.1" 302 -
POSTs to login.jsp The problem is that when an error occurs I have no
way to track this back to a specific user in the access logs.
Basically all we have in our logs are entries like this:
0.0.0.0 - - [20/Apr/2009:00:54:53 -0400] "POST /login.jsp HTTP/1.1"
302 -
0.0.0.0 - - [20/Apr/2009:00:55:12 -0400] "POST /login.jsp HTTP/1.1"
500 -
0.0.0.0 - - [20/Apr/2009:01:35:40 -0400] "POST /login.jsp HTTP/1.1"
302 -
Would it be possible to place some non-obtrusive JavaScript in the
page to intercept the form submission and perform the actions below?
Append the user’s login name as a query string parameter along with a
random number when performing the POST to login.jsp. It is understood
the user would have access to mangle the query string if they
desired… The values in the logs would be used for troubleshooting
purposes, nothing more…
• Extract the value of username (testuser)
• Generate a random 8 digit number (12345678)
• Create string: id=testuser-12345678
• Submit form with the string above appended to the POST url as: /
login.jsp?id=testuser-12345678
0.0.0.0 - - [20/Apr/2009:00:54:53 -0400] "POST /login.jsp?
id=testuser-91312978 HTTP/1.1" 302 -
0.0.0.0 - - [20/Apr/2009:00:55:12 -0400] "POST /login.jsp?
id=testuser-07124987 HTTP/1.1" 302 -
0.0.0.0 - - [20/Apr/2009:01:35:40 -0400] "POST /login.jsp?
id=testuser-84565693 HTTP/1.1" 302 -