我用httpanaly分析IE登录网站后提交文章和自己写的程序模拟登录成功后提交文章的过程,发现两者的header,postdata完全一样,cookie除了跟登录成功会话id不同外,其它cookie值也完全相同,但是用IE就可以正常提交,我的程序就提交不了,请问除header,cookie,postdata之外,还有哪些值可能导致提交失败?是不是网站做了反cookie伪造的措施?但是,提交的各个更http有关的参数都一样,网站怎么判断是伪造的呢?请高人指教?下面是post部分的代码,不过应该更代码没有关系,因为我是使用同样的代码模拟登录成功的!
HttpWebRequest httpWebRequest=null;
HttpWebResponse httpWebResponse=null;
try
{
byte[] byteRequest = Encoding.GetEncoding(Code).GetBytes(postData);
httpWebRequest = (HttpWebRequest)HttpWebRequest.Create(url); httpWebRequest.CookieContainer = m_Cookie; if(!String.IsNullOrEmpty(ContentType))
httpWebRequest.ContentType = ContentType; if (!String.IsNullOrEmpty(AcceptEncoding))
httpWebRequest.Headers.Add("Accept-Encoding", AcceptEncoding); if(!String.IsNullOrEmpty(strReferer))
httpWebRequest.Referer = strReferer; httpWebRequest.Accept = m_accept;
httpWebRequest.UserAgent = m_userAgent;
httpWebRequest.Method = "POST";
httpWebRequest.KeepAlive = true;
httpWebRequest.ContentLength = byteRequest.Length;
httpWebRequest.AllowAutoRedirect = true;
httpWebRequest.Headers.Add("Accept-Language", "zh-cn");
httpWebRequest.Headers.Add("Cache-Control", "no-cache"); httpWebRequest.Proxy = null;
Stream stream = httpWebRequest.GetRequestStream();
stream.Write(byteRequest, 0, byteRequest.Length);
stream.Close(); httpWebResponse = (HttpWebResponse)httpWebRequest.GetResponse(); Stream responseStream;
string gzip = httpWebResponse.ContentEncoding; if (string.IsNullOrEmpty(gzip) || gzip.ToLower() != "gzip")
{
responseStream = httpWebResponse.GetResponseStream();
}
else
{
responseStream = new System.IO.Compression.GZipStream(
httpWebResponse.GetResponseStream(), System.IO.Compression.CompressionMode.Decompress);
} StreamReader streamReader = new StreamReader(responseStream);
string html = streamReader.ReadToEnd();
streamReader.Close();
responseStream.Close();
m_currentTry = 0;
httpWebRequest.Abort();
httpWebResponse.Close();
return html;
另外还有个小问题:
byte[] byteRequest = Encoding.GetEncoding(Code).GetBytes(postData); 这个Code是指网站的编码还是指本地提交数据的编码?谢谢各位!
HttpWebRequest httpWebRequest=null;
HttpWebResponse httpWebResponse=null;
try
{
byte[] byteRequest = Encoding.GetEncoding(Code).GetBytes(postData);
httpWebRequest = (HttpWebRequest)HttpWebRequest.Create(url); httpWebRequest.CookieContainer = m_Cookie; if(!String.IsNullOrEmpty(ContentType))
httpWebRequest.ContentType = ContentType; if (!String.IsNullOrEmpty(AcceptEncoding))
httpWebRequest.Headers.Add("Accept-Encoding", AcceptEncoding); if(!String.IsNullOrEmpty(strReferer))
httpWebRequest.Referer = strReferer; httpWebRequest.Accept = m_accept;
httpWebRequest.UserAgent = m_userAgent;
httpWebRequest.Method = "POST";
httpWebRequest.KeepAlive = true;
httpWebRequest.ContentLength = byteRequest.Length;
httpWebRequest.AllowAutoRedirect = true;
httpWebRequest.Headers.Add("Accept-Language", "zh-cn");
httpWebRequest.Headers.Add("Cache-Control", "no-cache"); httpWebRequest.Proxy = null;
Stream stream = httpWebRequest.GetRequestStream();
stream.Write(byteRequest, 0, byteRequest.Length);
stream.Close(); httpWebResponse = (HttpWebResponse)httpWebRequest.GetResponse(); Stream responseStream;
string gzip = httpWebResponse.ContentEncoding; if (string.IsNullOrEmpty(gzip) || gzip.ToLower() != "gzip")
{
responseStream = httpWebResponse.GetResponseStream();
}
else
{
responseStream = new System.IO.Compression.GZipStream(
httpWebResponse.GetResponseStream(), System.IO.Compression.CompressionMode.Decompress);
} StreamReader streamReader = new StreamReader(responseStream);
string html = streamReader.ReadToEnd();
streamReader.Close();
responseStream.Close();
m_currentTry = 0;
httpWebRequest.Abort();
httpWebResponse.Close();
return html;
另外还有个小问题:
byte[] byteRequest = Encoding.GetEncoding(Code).GetBytes(postData); 这个Code是指网站的编码还是指本地提交数据的编码?谢谢各位!
对了,是不是有可能网站的有些网页使用js写cookie?这样httpwebrequest返回的cookie就不完整了,在使用httpwebrequest等到的cookie去post数据时就不会成功?有木有这种可能?有木有人回答?
http://blog.csdn.net/wyw308/archive/2011/05/24/6441405.aspx
刚才通过HttpAnaly分析了一下,httpWebRequest.CookieContainer中的cookie已经包含了httponly的cookie,所以应该不是httponly的问题!
http://blog.csdn.net/wyw308/archive/2011/05/24/6441405.aspx这里有httponly解决方法