我无法访问后端服务器,我通过网络分析了API。我想使用该API上传文件。我发现在该API的post请求中没有参数。我在网络中观察到请求有效负载。
响应标题
缓存控制:无缓存 连接:保持活跃 内容长度:135 内容类型:text / html的;字符集= utf-8的 日期:星期六,2016年8月6日14:32:00 GMT 位置:http://myURL 服务器:nginx / 1.2.3 设置Cookie:_mystore2_session = BAh7CEkiD3Nlc3Npb25faWQGOgZFRkkiJTAxYzJhNTBkYmY3ZTRkYTBhYmY4NzhjNzdmNGY5OWRhBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMXB0WEl6NnZKSnF2ZVNCTTVXdnEzODdqWkc0cXFsN1RiTDB4d3o4WWo2aUE9BjsARkkiGXdhcmRlbi51c2VyLnVzZXIua2V5BjsAVFsISSIQU3ByZWU6OlVzZXIGOwBGWwZpAzggAUkiGXk0MTFIUTdVUktORkh2MzFCeEtFBjsARg%3D%3D - 63863b861eb33b48b3137d187b2113fe90a930f3;路径= /;仅Http 状态:302找到 X-Rack-Cache:无效,通过 X-请求ID:3c843dc4dcb55bcf5f15e139264fa9be X-运行时间:0.884597 X-UA-兼容:IE =边沿,铬= 1
请求标题
接受:text / html的,应用/ XHTML + xml的,应用/ XML; Q = 0.9,图像/ WEBP, / 的; Q = 0.8 Accept-Encoding:gzip,deflate 接受语言:EN-US,EN; Q = 0.8 缓存控制:无缓存 连接:保持活跃 内容长度:642389 内容类型:多部分/格式的数据;边界= ---- WebKitFormBoundary2rjUr5SSxx3BXjGn Cookie的:S =; lat_lon = 33.69%2673.0551; __utmt = 1; _mystore2_session = BAh7CUkiD3Nlc3Npb25faWQGOgZFRkkiJTAxYzJhNTBkYmY3ZTRkYTBhYmY4NzhjNzdmNGY5OWRhBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMXB0WEl6NnZKSnF2ZVNCTTVXdnEzODdqWkc0cXFsN1RiTDB4d3o4WWo2aUE9BjsARkkiGXdhcmRlbi51c2VyLnVzZXIua2V5BjsAVFsISSIQU3ByZWU6OlVzZXIGOwBGWwZpAzggAUkiGXk0MTFIUTdVUktORkh2MzFCeEtFBjsARkkiCmZsYXNoBjsARm86JUFjdGlvbkRpc3BhdGNoOjpGbGFzaDo6Rmxhc2hIYXNoCToKQHVzZWRvOghTZXQGOgpAaGFzaHsHOg5hbmFseXRpY3NUOgxzdWNjZXNzVDoMQGNsb3NlZEY6DUBmbGFzaGVzewc7CnsIOg1jYXRlZ29yeUkiDENvbnRhY3QGOwBGOgthY3Rpb25JIhFsZWFkX2NhcHR1cmUGOwBGOgpsYWJlbEkiFFNlbGwgTW90b3JjeWNsZQY7AEY7C0kiLFVwbG9hZCBpbWFnZXMgdG8gYWN0aXZhdGUgeW91ciBsaXN0aW5nIQY7AEY6CUBub3cw - c3c1b5d437fd04a80dc888822811d2d4d354ae29; __utma = 129180296.2104761345.1470477279.1470488831.1470491357.3; __utmb = 129180296.10.9.1470493699533; __utmc = 129180296; __utmz = 129180296.1470477279.1.1.utmcsr =(直接)| utmccn =(直接)| utmcmd =(无) 主持人:www.usedmotorcycles.net 原产地:myURL 附注:无缓存 引用者:myURL 升级不安全,要求:1 User-Agent:Mozilla / 5.0(Windows NT 6.2; WOW64)AppleWebKit / 537.36(KHTML,与Gecko一样)Chrome / 51.0.2704.103 Safari / 537.36
请求有效负载
------ WebKitFormBoundary2rjUr5SSxx3BXjGn 内容处理:表格数据;名称= “UTF-8”
✓ ------ WebKitFormBoundary2rjUr5SSxx3BXjGn 内容处理:表格数据; NAME = “authenticity_token”
ptXIz6vJJqveSBM5Wvq387jZG4qql7TbL0xwz8Yj6iA = ------ WebKitFormBoundary2rjUr5SSxx3BXjGn 内容处理:表格数据; NAME = “图像[附件]”; filename =“Screenshot(156).png” 内容类型:image / png
如何使用curl payload提交我的文件?
答案 0 :(得分:1)
引用:string str2 {65, 'a'};
错了,有一堆参数,仅举几例:Aa
,I have observed that there are no parameters in post request to that API
,Cookie:s
,lat_lon
,__utmt
和更多。
此外,这不是您向我们展示的完整请求标头。一个,它错过了 请求类型(尽管它可能是一个POST请求) 无论如何,要用curl复制它,它就像:
_mystore2_session
注意:这不是完整的代码,它缺少__utma
和<?php
$ch=curl_init();
curl_setopt_array($ch,array(
CURLOPT_URL=>'???',
CURLOPT_ENCODING=>'',
CURLOPT_POST=>true,
CURLOPT_POSTFIELDS=>array(
'Cookie:s'=>'',
'lat_lon'=>'33.69&73.0551',
'_mystore2_session'=>'BAh7CUkiD3Nlc3Npb25faWQGOgZFRkkiJTAxYzJhNTBkYmY3ZTRkYTBhYmY4NzhjNzdmNGY5OWRhBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMXB0WEl6NnZKSnF2ZVNCTTVXdnEzODdqWkc0cXFsN1RiTDB4d3o4WWo2aUE9BjsARkkiGXdhcmRlbi51c2VyLnVzZXIua2V5BjsAVFsISSIQU3ByZWU6OlVzZXIGOwBGWwZpAzggAUkiGXk0MTFIUTdVUktORkh2MzFCeEtFBjsARkkiCmZsYXNoBjsARm86JUFjdGlvbkRpc3BhdGNoOjpGbGFzaDo6Rmxhc2hIYXNoCToKQHVzZWRvOghTZXQGOgpAaGFzaHsHOg5hbmFseXRpY3NUOgxzdWNjZXNzVDoMQGNsb3NlZEY6DUBmbGFzaGVzewc7CnsIOg1jYXRlZ29yeUkiDENvbnRhY3QGOwBGOgthY3Rpb25JIhFsZWFkX2NhcHR1cmUGOwBGOgpsYWJlbEkiFFNlbGwgTW90b3JjeWNsZQY7AEY7C0kiLFVwbG9hZCBpbWFnZXMgdG8gYWN0aXZhdGUgeW91ciBsaXN0aW5nIQY7AEY6CUBub3cw--c3c1b5d437fd04a80dc888822811d2d4d354ae29',
'image'=>array(new CURLFile('/path/to/file.png','image/png','Screenshot (156).png'))
//and more post data here.
),
CURLOPT_HTTPHEADER=>array(
'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8',
'Accept-Language: en-US,en;q=0.8',
'Cache-Control: no-cache',
'Pragma: no-cache',
'Origin: myURL',
//and more headers here
),
CURLOPT_USERAGENT=>'Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36',
));
curl_exec($ch);
的大量数据,但这应该可以帮助您开始