我正在尝试使用Powershell在Tomcat管理器中加载会话工具。问题是,它受到反CSRF插件的保护,所以链接看起来像这样:。
http://servername/manager/html/sessions?path=/application&org.apache.catalina.filters.CSRF_NONCE=4DA3A97B62C58761CC2F0B9FFB6F16C7
问题是,当我尝试下载网页源时,我收到错误:
"The remote server returned an error: (403) Forbidden."
我用来检索此信息的代码是:
$url_session_tool = "http://servername/manager"
$login_manager = "login"
$password_manager = "password"
$webclient = New-Object System.Net.WebClient
$credCache = New-Object System.Net.CredentialCache
$cred = New-Object System.Net.NetworkCredential($login_manager, $password_manager)
$credCache.Add($url_session_tool, "Basic", $cred)
$webclient.Credentials = $credCache
然后我搜索特定的url模式以获取特定应用程序的会话详细信息的链接,当我获取$ pagepage的url时,执行以下代码:
#$webpage = http://servername/manager/html/sessions?path=/application&org.apache.catalina.filters.CSRF_NONCE=4DA3A97B62C58761CC2F0B9FFB6F16C7
$credCache.Add($webpage, "Basic", $cred)
$webclient.Credentials = $credCache
$stuff = $webclient.DownloadData($webpage)
我的问题是:如何使用Powershell处理这种CSRF保护?有什么想法吗?