Using http.Client, How to make requests with 'Connection: keep-alive' header?

I’m coding a http client that simulates a login process on a website, the webserver only supports authentication via an open connection (with header “Connection: keep-alive”), but I can’t find the way to make it with Golang; I already used a custom connection with timeout param but the header does not contains any connection field, I also force the value in headers using request.headers.add(“Connection”, “keep-alive”) but nothing works.

This is the connection code:

package main

import (
	"bytes"
	"fmt"
	"log"
	"net/http"
	"net/http/cookiejar"
	"net/url"
	"strings"
	"time"
)

func catch(e error) {
	if e != nil {
		log.Fatalln(e)
	}
} // END catch

func main() {
	// Cookie jar
	cookies, err := cookiejar.New(nil)
	catch(err)

	// Custom client
	client := &http.Client{
		Jar:     cookies,
		Timeout: time.Second * 60,
	}

	// Data to be send
	data := url.Values{}
	// Fake values
	data.Add("user", "john")
	data.Add("passwd", "123")

	// Data to buffer
	buffData := bytes.NewBuffer([]byte(data.Encode()))

	// Fake URL
	strURL := "http://www.google.com/"


	// Generating request
	req, err := http.NewRequest("POST", strURL, buffData)
	catch(err)

	// Setting required headers
	req.Header.Set("Postman-Token", "bc6825dd-d6d5-2df8-204d-a70824a74d4b")
	req.Header.Set("Cache-Control", "no-cache")
	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
	req.Header.Set("Accept", "*/*")
	//req.Header.Set("Connection", "keep-alive") // Force Connection: keep-alive

	//req.Close = false // Another try to get Connection: keep-alive

	// Making the request and getting response
	res, err := client.Do(req)
	catch(err)

	// Reading response body
	b := new(bytes.Buffer)
	b.ReadFrom(res.Body)
	strBody := b.String()

	// Fake string
	strSuccess := "logged in"

	isLoggedIn := strings.Contains(strBody, strSuccess)

	fmt.Printf("Is logged in? %v\n", isLoggedIn)
} // END main

This is a manually generated request that works:

POST /Login.aspx HTTP/1.1
Host: server.com
Connection: keep-alive
Content-Length: 2533
Postman-Token: 829a547e-31f0-a75a-d944-fa603c3e4178
Cache-Control: no-cache
Origin: chrome-extension://aicmkgpgakddgnaphhhpliifpcfhicfo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en,es-419;q=0.8,es;q=0.6

This one is the connection made with Golang:

POST /Login.aspx HTTP/1.1
Host: server.com
User-Agent: Go-http-client/1.1
Content-Length: 2533
Accept: */*
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Cookie: ASP.NET_SessionId=xh3db0rkwcgnaaygcnmnvg21; loadFromBrowserCache=false; ingrammicro.com=ffffffff0904570345525d5f4f58455e445a4a423660
Postman-Token: bc6825dd-d6d5-2df8-204d-a70824a74d4b
Accept-Encoding: gzip

Keep alive is the default behaviour. Specifically Connection: keep-alive is ignored by web servers. All they care about is connection: close.

1 Like

I got it, it was a page’s lan issue, the server validates the “view” language (fr/es/en/…) to prevent XSS attacks so I was sending a different language value than I was working.

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.