Logging in to eBay using HttpWebRequest

Question

I'm trying to log in to my eBay account using the following code:

string signInURL = "https://signin.ebay.com/ws/eBayISAPI.dll?co_partnerid=2&siteid=0&UsingSSL=1";
string postData = String.Format("MfcISAPICommand=SignInWelcome&userid={0}&pass={1}", "username", "password");
string contentType = "application/x-www-form-urlencoded";
string method = "POST";
string userAgent = "Mozilla/5.0 (Windows; U; MSIE 7.0; Windows NT 6.0; en-US)";

CookieContainer cookieContainer = new CookieContainer();

HttpWebRequest req = (HttpWebRequest)HttpWebRequest.Create(signInURL);
req.CookieContainer = cookieContainer;
req.Method = method;
req.ContentType = contentType;
req.UserAgent = userAgent;
ASCIIEncoding encoding = new ASCIIEncoding();
byte[] loginDataBytes = encoding.GetBytes(postData);
req.ContentLength = loginDataBytes.Length;
Stream stream = req.GetRequestStream();
stream.Write(loginDataBytes, 0, loginDataBytes.Length);
stream.Close();
HttpWebResponse res = (HttpWebResponse)req.GetResponse();
StreamReader xsr = new StreamReader(res.GetResponseStream());
String responseText = xsr.ReadToEnd();

Obviously substituting my real username and password -- but when I look at the string responseText, I see that part of the response from eBay is 'The browser you are using is rejecting cookies.' -- Any ideas what I'm doing wrong?

P.S. And yes, I am also using the eBay API, but this is for something slightly different than what I want to do with the API.

Answer 1

You're doing a direct http request. The Ebay site has functionality to talk to a browser (probably to store the session cookie). Unless you make the request code smart enough to use cookies correctly it won't work. You'll probably have to use the internet explorer object instead.

Answer 2

Can you get a trace and see what is going on? If at all it is a question of cookies, that means that it either expects you to send the cookie in the first request itself, or the cookie it is sending is not getting stored in the cookie container you set on the request.

Use instructions at http://ferozedaud.blogspot.com/2009/08/tracing-with-systemnet.html to enable tracing, and see the trace file to figure out what the problem is.

You can also look at the request session in a browser. For eg, in Firefox, you can enable the "Firebug" extension, login to Ebay (make sure you clear the cookies in the browser first) and then press F12 and see the request/response between the browser and EBay. Then, try to emulate the exact same request/response using the code.

Also, some feedback regarding your code.

1) Make sure to close/dispose of all the streams as well as the HttpWebResponse object. If you dont, your requests will hang because the underlying connection wont be closed, and you will run out of connections.

2) If all you want to do is a form post, you can do that much simply with the WebClient object, by using WebClient::UploadData() method. I am not sure if it allows you to set the CookieContainer. Even if it doesnt, it is a simple matter of subclassing the WebClient to set the cookie container.

Answer 3

Hi,

You need to intercept the http traffic to see what exactly what had happened. I use Fiddler2. It is the good tools for debugging http. So I can know whos wrong, my application or the remote web server.

Using fiddler, you can see the request header, response header with its cookies as well as response content. It used in the middle of your app and the Ebay.

Based on my experience. I think it is because Ebay cookie sent to you is not send back to Ebay server. Fiddler will prove it whether yes or not.

Another thing, the response cookie you receive should be send back to next request by using the same CookieContainer.

You should notice that CookieContainer has a bug on .Add(Cookie) and .GetCookies(uri) method. You may not using it, but internal codes might use it.

See the details and fix here:

http://dot-net-expertise.blogspot.com/2009/10/cookiecontainer-domain-handling-bug-fix.html

CallMeLaNN