我试图通过curl获取markafoni.com的内容。
class curl
{
private $ch;
function __construct()
{
$this->ch = curl_init();
curl_setopt($this->ch,CURLOPT_CAINFO,dirname(__FILE__)."/cacert.pem");
curl_setopt($this->ch,CURLOPT_USERAGENT,'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/32.0.1700.107 Chrome/32.0.1700.107 Safari/537.36');
curl_setopt($this->ch,CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($this->ch,CURLOPT_SSL_VERIFYHOST, false);
//curl_setopt($this->ch,CURLOPT_AUTOREFERER, true);//
//curl_setopt($this->ch,CURLOPT_REFERER, 'https://www.markafoni.com/');//
//curl_setopt($this->ch,CURLOPT_FAILONERROR, false);//
curl_setopt($this->ch,CURLOPT_FOLLOWLOCATION, 1);
curl_setopt($this->ch,CURLOPT_RETURNTRANSFER,1);
curl_setopt($this->ch,CURLOPT_VERBOSE,1);
//curl_setopt($this->ch,CURLOPT_HEADER,1);
//curl_setopt($this->ch,CURLOPT_HTTPHEADER,$header);
curl_setopt($this->ch,CURLOPT_COOKIESESSION, true);
curl_setopt($this->ch,CURLOPT_COOKIEJAR, dirname(__FILE__)."/cookie.txt");
curl_setopt($this->ch,CURLOPT_COOKIEFILE, dirname(__FILE__)."/cookie.txt");
}
function run($url,$post=array())
{
$postField = '';
foreach($post as $k=>$v) $postField .= $k.'='.$v.'&';
curl_setopt($this->ch,CURLOPT_URL,$url);
if(count($post)){
curl_setopt($this->ch,CURLOPT_POST,count($post));
curl_setopt($this->ch,CURLOPT_POSTFIELDS,$postField);
}else{
curl_setopt($this->ch,CURLOPT_POST,0);
curl_setopt($this->ch,CURLOPT_POSTFIELDS,'');
}
return curl_exec($this->ch);
}
}
但是我收到了这个错误:
Forbidden (403)
CSRF verification failed. Request aborted.
You are seeing this message because this HTTPS site requires a 'Referer header' to be sent by your Web browser, but none was sent. This header is required for security reasons, to ensure that your browser is not being hijacked by third parties.
If you have configured your browser to disable 'Referer' headers, please re-enable them, at least for this site, or for HTTPS connections, or for 'same-origin' requests
任何想法?
当我启用此行时:
curl_setopt($this->ch,CURLOPT_REFERER,'https://www.markafoni.com/');
我收到另一个错误:
Forbidden (403)
CSRF verification failed. Request aborted.
答案 0 :(得分:2)
在发布帖子之前,浏览器将始终向页面发出get请求(以显示表单)。
考虑来自chrome的获取请求的以下响应标头:
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 29 May 2014 11:57:01 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Vary: Cookie
CACHE: True
Set-Cookie: csrftoken=5F3ttzJcnWdLkL7sPDekggxgjDJTKAmz; expires=Thu, 28-May-2015 11:57:01 GMT; Max-Age=31449600; Path=/
Set-Cookie: _auth=0; Domain=.markafoni.com; Path=/
Set-Cookie: ladsrv=; Domain=.markafoni.com; expires=Thu, 01-Jan-1970 00:00:00 GMT; Path=/
X-BackendID: caramel
X-Forwarded-Proto: http
Content-Encoding: gzip
P3P: CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
注意设置的cookie,特别是这个:csrftoken=...。
要向本网站发布帖子请求,您需要先获取获取请求,保存cookie,然后使用相同的cookie发出帖子请求。
答案 1 :(得分:1)
尝试启用此行并更改referer url
curl_setopt($this->ch,CURLOPT_REFERER, 'http://www.google.com');
也许这也有帮助 http://www.php.net/manual/en/function.curl-setopt.php#78046