detect tls before script fails

Started by stanl, July 15, 2020, 03:13:42 AM

Previous topic - Next topic

stanl

The script below is taken from the Tech Database. It now errors indicating the need to create an SSL/TLS secure channel. Can the script be modified to preset System.Net.SecurityProtocolType with the thought to future web requests?
Code (WINBATCH) Select


;***************************************************************************
;**   Resolving URL from a forwarding link
;**
;** Purpose: Gets url of forwarded link
;** Inputs:
;** Outputs: Results in a Message
;** Reference:
;**       REQUIRES WinBatch 2013A or newer
;**
;** Developer: Deana Falk 2013.05.22
;***************************************************************************
If Version( )< '2013A'
   Pause('Notice', 'Need 2013A or Newer Version of WinBatch')
   Exit
EndIf


fLink = 'http://go.microsoft.com/fwlink/?LinkID=135173' ;forwarding link


ObjectClrOption("useany","System.Net")
WebRequest = ObjectClrNew('System.Net.WebRequest')
WebRequest = WebRequest.Create(fLink)
WebRequest.Timeout = WebRequest.Timeout * 6   ; Set the 'Timeout' property in Milliseconds.
WebResponse = WebRequest.GetResponse()
; The ResponseUri property contains the URI of the Internet resource that actually provided the response data.
; This resource might not be the originally requested URI if the underlying protocol allows redirection of the request.
Pause( "Results", "Forwarding Link = ":fLink:@CRLF:"Resolved URL = ": WebResponse.ResponseUri.ToString() )
Exit

td

"No one who sees a peregrine falcon fly can ever forget the beauty and thrill of that flight."
  - Dr. Tom Cade

stanl

I completely messed up my point. I know I could modify the script. But assume I had a generic web-scraper or rest client that could be applied to any number of URI's some with security, some without. The ask is 'before the execute my web request can I detect if I need to setup a security protocol in advance'?

td

I thought that was what you were getting at but was not sure.  Generally, Web browsers and websites negotiate the communication protocol.  They start at the highest level of security and work their way down.  Of course, specifying https requires some level of SSL.  I am not aware of any dotNet classes that do that for you but that doesn't mean one doesn't exist. Another approach is to emulate a browser by trying each protocol, trapping any errors, and using the one that doesn't produce an error. I had this in mind when I mentioned the help file example.
"No one who sees a peregrine falcon fly can ever forget the beauty and thrill of that flight."
  - Dr. Tom Cade

td

Many if not most Website issue HTTP redirects when you attempt to access a site using HTTP when they require HTTPS.  I am not sure if there is a way to setup the dotNet class to allow for auto redirections.  If not, would have to use the error trapping approach mentioned above and try both.
"No one who sees a peregrine falcon fly can ever forget the beauty and thrill of that flight."
  - Dr. Tom Cade

stanl

Thanks. Moved to next step [new thread regarding Base64].

td

I noticed. 

I should correct one statement I made earlier.  Contrary to my previous post the "System.Net.WebRequest" class will handle HTTP to HTTPS redirects.  Apparently, it was chocking on the URL "http://go.microsoft.com/fwlink/?LinkID=135173" for other unknown reasons.   Interestingly, my browser redirects to an MSFT PowerShell documentation page.
"No one who sees a peregrine falcon fly can ever forget the beauty and thrill of that flight."
  - Dr. Tom Cade