Why does WWW::Mechanize and login-data break when I switch from a query string to a hash?

The following script works fine:

#!/usr/bin/env perl
use strict; use warnings;
use Data::Dumper;
use WWW::Mechanize;

my $loginData = "userName=username&password=password&deeplinkForward=%2Fselfcare%2Frestricted%2FprepareCoCo.do&x=84&y=7";
my $loginUrl = "https://www.login.login/login.do";
my $mech = WWW::Mechanize->new( show_progress => 1 );

my $req = $mech-&g开发者_C百科t;post( $loginUrl, 'Content' => $loginData  );

my $content = $req->content();
print Dumper $content;

But when I replace the line

my $req = $mech->post( $loginUrl, 'Content' => $loginData  );

with

my %hash = (    
    'username' => 'username', 
    'password' => 'password', 
    'deeplinkForward' => '%2Fselfcare%2Frestricted%2FprepareCoCo.do', 
    'x' => '84', 
    'y' => '7' 
);

my $req = $mech->post( $loginUrl, 'Content' => \%hash );

it doesn't work any more ( the script works, but the login doesn't ). Is there something worng?

---

You have to unescape deeplinkForward:

'deeplinkForward' => '/selfcare/restricted/prepareCoCo.do',

Otherwise, WWW::Mechanize thinks you want to send literal % signs, and helpfully escapes them for you.

To see what's going wrong, try adding this code right before the $mech->post line:

use HTTP::Request::Common 'POST';
print POST( $loginUrl, 'Content' => $loginData )->as_string;
print POST( $loginUrl, 'Content' => \%hash )->as_string;

They should be the same, except for the order of the fields.

It's conceivable that the server requires the fields to be listed in that order (it shouldn't, but...). In that case, you can use an array instead of a hash (hashes don't preserve ordering). Just replace %hash with @fields everywhere it appears.

print POST( $loginUrl, 'Content' => \@fields )->as_string;

---

i don't have mechanize in place, but you can try this and see how it goes

my $req = $mech->post( $loginUrl, \%hash);