Java Reference
In-Depth Information
menus, radio buttons, and more. However, although these input widgets appear differ‐
ent to the user, the format of data they send to the server is the same. Each form element
provides a name and an encoded string value.
In some cases, the program you're talking to may not be able to handle arbitrary text
strings for values of particular inputs. However, since the form is meant to be read and
filled in by human beings, it should provide sufficient clues to figure out what input is
expected; for instance, that a particular field is supposed to be a two-letter state abbre‐
viation or a phone number. Sometimes the inputs may not have such obvious names.
There may not even be a form, just links to follow. In this case, you have to do some
experimenting, first copying some existing values and then tweaking them to see what
values are and aren't accepted. You don't need to do this in a Java program. You can
simply edit the URL in the address or location bar of your web browser window.
The likelihood that other hackers may experiment with your own
server-side programs in such a fashion is a good reason to make them
extremely robust against unexpected input.
Regardless of how you determine the set of name-value pairs the server expects, com‐
municating with it once you know them is simple. All you have to do is create a query
string that includes the necessary name-value pairs, then form a URL that includes that
query string. Send the query string to the server and read its response using the same
methods you use to connect to a server and retrieve a static HTML page. There's no
special protocol to follow once the URL is constructed. (There is a special protocol to
follow for the POST method, however, which is why discussion of that method will have
to wait until Chapter 7 .)
To demonstrate this procedure, let's write a very simple command-line program to look
up topics in the Open Directory . This site is shown in Figure 5-1 and it has the advantage
of being really simple.
Search WWH ::




Custom Search