'How to reference variable inside multi-part form POST request?

import requests

VAR1=example_value

cookies = {
    'PHPSESSID': 'cr0mcr0ioh7hnq6ojp1t',
    '__cf_bm': 'xCBq9rjPlgItE',
    '_ga': 'GA1.2.427340397.1646246265',
    '_gid': 'GA1.2.1367640986.1646246265',
    '__atuvc': '137%7C9',
    '__atuvs': '621fb97b52a5b3a4088',
    'access_token': '1498785052410458114-catIkQW3gfq',
    'access_token_secret': 'qqeM329GP04z4bIRuiZzL9PtF',
    'phpbb3_q7idm_u': '2665',
    'phpbb3_q7idm_k': 'l3t3jizs7r5lx',
    'phpbb3_q7idm_sid': '3b8c061bb1a84d8e4e0da20aad53',
    'cf_chl_2': '192b69428b2d',
    'cf_chl_prog': 'x9',
    'cf_clearance': '6jDZnnU5OfrjjzHehsMzl1_fjhGZzFAssB6.JxvFvsQ-1646254349-0-150',
    '_gat_gtag_UA_154945953_1': '1',
}

headers = {
    'User-Agent': 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0',
    'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8',
    'Accept-Language': 'en-US,en;q=0.5',
    'Content-Type': 'multipart/form-data; boundary=---------------------------68691672125407727583759660754',
    'Origin': 'https://www.openbugbounty.org',
    'Alt-Used': 'www.openbugbounty.org',
    'Connection': 'keep-alive',
    'Referer': 'https://www.openbugbounty.org/report/',
    'Upgrade-Insecure-Requests': '1',
    'Sec-Fetch-Dest': 'document',
    'Sec-Fetch-Mode': 'navigate',
    'Sec-Fetch-Site': 'same-origin',
    'Sec-Fetch-User': '?1',
    'TE': 'trailers',
}

data = '-----------------------------68691672125407727583759660754\r\nContent-Disposition: form-data; name="type"\r\n\r\nXSS\r\n-----------------------------68691672125407727583759660754\r\nContent-Disposition: form-data; name="url"\r\n\r\nVAR1 %\r\n'

response = requests.post('https://www.openbugbounty.org/report/', headers=headers, cookies=cookies, data=data)

We are trying to reference a value from a variable in the submission, why doesn't it work? It is taking the name of the variable and using it instead. Any assistance would be greatly appreciated.

python


Solution 1:[1]

You write a string containing literal "VAR1" you can't expect the server to receive something else.

You need to format your string with the content of VAR1 with an f-string for example

VAR1 = "XXXXX"
data = '-----------------------------68691672125407727583759660754\r\n' \
       'Content-Disposition: form-data; name="type"\r\n\r\n' \
       'XSS\r\n' \
       '-----------------------------68691672125407727583759660754\r\n' \
       'Content-Disposition: form-data; name="url"\r\n\r\n' \
       f'{VAR1} %\r\n'

Or just string concatenation

VAR1 = "XXXXX"
data = '-----------------------------68691672125407727583759660754\r\n' \
       'Content-Disposition: form-data; name="type"\r\n\r\n' \
       'XSS\r\n' \
       '-----------------------------68691672125407727583759660754\r\n' \
       'Content-Disposition: form-data; name="url"\r\n\r\n' + \
       VAR1 + ' %\r\n'

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 azro

Related Questions

Selenium-Python: How do I make my WebDriverWait a few seconds before reloading a page?

Selenium-Python: How do I make my WebDriverWait a few seconds before reloading a page?

pip issue installing almost any library

pip issue installing almost any library

pip issue installing almost any library

Selenium-Python: How do I make my WebDriverWait a few seconds before reloading a page?

Selenium-Python: How do I make my WebDriverWait a few seconds before reloading a page?

A simple SMTP server (in Python)

How to specify which pytorch to import, if I have two different versions installed?

How to specify which pytorch to import, if I have two different versions installed?

A simple SMTP server (in Python)

Python: get all months in range?

Python: get all months in range?

Python: get all months in range?

How to specify which pytorch to import, if I have two different versions installed?