Information on parameterizing apps written using sapwebsynpro in SapWeb protocol
Question ID: 104342
"Action=http://www.example.com:8000/sap/bc/webdynpro/SAP/ERC_A_WORKCENTER/;sap-ext-sid={SapExtSid2_120}",
"Method=POST",
"TargetFrame=",
"RecContentType=text/html",
"Referer=http://www.example.com:8000/sap/bc/webdynpro/SAP/ERC_A_WORKCENTER/;sap-ext-sid={SapExtSid2_98}",
"Snapshot=t18.inf",
"Mode=HTML",
ITEMDATA,
"Name=SAPEVENTQUEUE", "Value=Custom_ClientInfos~E002Id~E004WD01~E005WindowOpenerExists~E004false~E005Clien
"Name=sap-charset", "Value=utf-8", ENDITEM,
"Name=_client_url_", "Value=", ENDITEM,
LAST);
Obviously the sap-ext-sid has already been correlated (this is easy to do with a Correlation Rule), but the SAPEVENTQUEUE
also needs to be correlated. This is difficult, as it is constructed dynamically using JavaScript, so the value does not appear
directly in any HTML response, and therefore cannot be correlated using a simple web_reg_save_param.
Examining the SAPEVENTQUEUE string, there are two repeated patterns; a series of 5 characters like "~E005", and a series
of 5 characters like "~003A" (without the "E"). Taking an educated guess, we can see that the string...
http~003A~002F~002Fwww.example.com~003A8000~002Fsap~002Fbc~002Fwebdynpro~002FSAP~002FERC_A_WORKCENTER~
...is an encoding of...
http://www.example.com:8000/sap/bc/webdynpro/SAP/ERC_A_WORKCENTER/;sap-ext-sid=zuUt57Mx_3J
...which means that...
~003A is :
~002F is /
~003D is =
~003B is ;
So it looks like SAP has invented their own way of URL Encoding values to be Posted to a Web Dynpro server.
But what about the encoded values with an "E" at the start? Searching through the source code, we find that these are special
"event separators"...
~E001 is EVENT
~E002 is SECTION_BEGIN
~E003 is SECTION_END
~E004 is KEYVALUE
~E005 is KEYVALUE_PAIR
~E006 is COLLECTION_ENTRY
As I am unlikely to want to change the separators, here is a simple function that will encode a string using SAP's special version of URL encoding.

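// This function replaces characters that are not unreserved with their encoded values.
// Encoding is in the style of SAP Web Dynpro. E.g. "abc*def" becomes "abc~002Adef".
// Reserved/unreserved characters are according to RFC3986 (http://tools.ietf.org/html/rfc3986)
// This function returns a pointer to the start of the encoded string (buf).
// Note that buf must be big enough to hold original string plus all converted entities.
char* dynpro_encode(char* plain_string, char* buf) {
  int len;
  int i,j;
  char hex_value[3];
  if (plain_string == NULL) {
    lr_error_message("Input string is empty.");
    return NULL;
  }
  len = strlen(plain_string); // measured only after the NULL check
  // The post is cut off here. Assumed completion: copy alphanumerics and "-._", encode the rest ('~' included, as it is the escape character).
  for (i = 0, j = 0; i < len; i++) {
    if (isalnum((unsigned char)plain_string[i]) || plain_string[i] == '-' || plain_string[i] == '.' || plain_string[i] == '_') {
      buf[j++] = plain_string[i]; // unreserved: copy unchanged
    } else {
      sprintf(hex_value, "%02X", (unsigned char)plain_string[i]); // e.g. '*' gives "2A"
      j += sprintf(buf + j, "~00%s", hex_value); // each encoded character takes 5 bytes in buf
    }
  }
  buf[j] = '\0';
  return buf;
}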
Posted by (Questions: 2, Answers: 0)
Asked on March 13, 2011 6:05 pm
149 views
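The reverse of the mapping worked out by hand in the question, as an added example that is not part of the original post: a decoder that turns a recorded SAPEVENTQUEUE fragment back into readable text so it can be compared between recordings. The function name `dynpro_decode`, the `<NAME>` rendering of separators, and the restriction to the `~00XX` and `~E00n` forms shown on the page are assumptions of this example.

```c
#include <ctype.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Separator names from the post, indexed by the digit n in ~E00n. */
static const char *const SEPARATORS[] = { NULL, "EVENT", "SECTION_BEGIN",
    "SECTION_END", "KEYVALUE", "KEYVALUE_PAIR", "COLLECTION_ENTRY" };

/* Decode ~00XX to the byte XX and ~E00n to "<NAME>" (a display convention
 * assumed for this example). Truncated or unrecognised escapes are copied
 * unchanged. Returns 0 on success, -1 if out (capacity cap) is too small. */
int dynpro_decode(const char *in, char *out, size_t cap) {
    size_t pos = 0, i = 0, len = strlen(in);
    if (cap == 0) return -1;
    out[0] = '\0';
    while (i < len) {
        const char *e = in + i + 1;      /* the four characters after '~' */
        int esc = in[i] == '~' && len - i >= 5 && e[1] == '0';
        char tok[24];                    /* longest token: "<COLLECTION_ENTRY>" */
        size_t n = 1, step = 1;
        tok[0] = in[i];                  /* default: copy one literal byte */
        if (esc && e[0] == 'E' && e[2] == '0' && e[3] >= '1' && e[3] <= '6') {
            n = (size_t)sprintf(tok, "<%s>", SEPARATORS[e[3] - '0']);
            step = 5;
        } else if (esc && e[0] == '0' && isxdigit((unsigned char)e[2])
                   && isxdigit((unsigned char)e[3]) && (e[2] != '0' || e[3] != '0')) {
            char hex[3] = { e[2], e[3], '\0' };
            tok[0] = (char)strtol(hex, NULL, 16);
            step = 5;
        }
        if (n >= cap - pos) return -1;   /* keep room for the terminating NUL */
        memcpy(out + pos, tok, n);
        pos += n;
        out[pos] = '\0';
        i += step;
    }
    return 0;
}

int main(void) {
    char out[256];
    /* Constructed input modelled on the SAPEVENTQUEUE fragments in the post. */
    if (dynpro_decode("Id~E004WD01~E005url~E004http~003A~002F~002F", out, sizeof out) == 0)
        puts(out);
    return 0;
}
```

A trailing `~` with fewer than four characters after it, as in the truncated string quoted in the question, is passed through as a literal rather than treated as an error.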
Answers (1)

Looks good, thanks

Posted by (Questions: 4, Answers: 41)
Answered on February 28, 2013 8:21 pm