J'ai testé ceci avec curl (notez le -v et -d):
curl -i -v -s -k -X $'POST' \
-H $'Host: 192.168.100.1' -H $'Accept: application/json, text/javascript, */*' -H $'X-Requested-With: XMLHttpRequest' -H $'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.65 Safari/537.36' -H $'Content-Type: application/x-www-form-urlencoded' -H $'Origin: http://192.168.100.1' -H $'Referer: http://192.168.100.1/ONT/client/html/content/config/setup.html?lang=en' -H $'Accept-Encoding: gzip, deflate' -H $'Accept-Language: en-GB,en-US;q=0.9,en;q=0.8' -H $'Connection: close' \
-b $'lang=en' -d $'ploam_password=00000181061234567890' $'http://192.168.100.1/ONT/client/data/Router.json'
et cela donne ceci:
* Trying 192.168.100.1:80...
* Connected to 192.168.100.1 (192.168.100.1) port 80 (#1)
> POST /ONT/client/data/Router.json HTTP/1.1
> Host: 192.168.100.1
> Cookie: lang=en
> Accept: application/json, text/javascript, */*
> X-Requested-With: XMLHttpRequest
> User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.178 Safari/537.36
> Content-Type: application/x-www-form-urlencoded
> Origin: http://192.168.100.1
> Referer: http://192.168.100.1/ONT/client/html/content/config/setup.html?lang=de
> Accept-Encoding: gzip, deflate
> Accept-Language: de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7
> Connection: close
> Content-Length: 35
>
* Mark bundle as not supporting multiuse
* HTTP 1.0, assume close after body
< HTTP/1.0 200 OK
HTTP/1.0 200 OK
< Cache-Control: no-cache,no-store,max-age=0
Cache-Control: no-cache,no-store,max-age=0
< Prama: no-cache
Prama: no-cache
< X-Frame-Options: DENY
X-Frame-Options: DENY
< Expires: 0
Expires: 0
< X-Content-Type-Options: nosniff
X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
X-XSS-Protection: 1; mode=block
< CONTENT-LANGUAGE: de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7
CONTENT-LANGUAGE: de-DE,de;q=0.9,en-US;q=0.8,en;q=0.7
< Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'
Content-Security-Policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'
< Content-type: application/javascript
Content-type: application/javascript
<
* Closing connection 1
[{"vartype":"status","varid":"status","varvalue":"ok"},{"vartype":"value","varid":"ploam_state","varvalue":"0"}]%
Pour curl, la requête fait aussi 35 octets de long mais cela ne fonctionne pas non plus.