GET请求可以在浏览器中使用,但不能在POSTMAN中使用 - Cloudfare拒绝它

时间:2018-01-21 06:26:05

标签: rest api postman

  1. 我正在尝试访问以下API,这就是行为 API = https://api.btcxindia.com/ticker/
  2. 从Postman访问此API时,我得到了输出。但是,如果我让邮递员打开并在10分钟后进行测试 - 输出错误

    Error : <!DOCTYPE HTML> <html lang="en-US">
        <head>
            <meta charset="UTF-8" />
            <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
            <meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1" />
            <meta name="robots" content="noindex, nofollow" />
            <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" />
            <title>Just a moment...</title>
            <style type="text/css">
        html, body {width: 100%; height: 100%; margin: 0; padding: 0;}
        body {background-color: #ffffff; font-family: Helvetica, Arial, sans-serif; font-size: 100%;}
        h1 {font-size: 1.5em; color: #404040; text-align: center;}
        p {font-size: 1em; color: #404040; text-align: center; margin: 10px 0 0 0;}
        #spinner {margin: 0 auto 30px auto; display: block;}
        .attribution {margin-top: 20px;}
        @-webkit-keyframes bubbles { 33%: { -webkit-transform: translateY(10px); transform: translateY(10px); } 66% {
    -webkit-transform: translateY(-10px); transform: translateY(-10px); } 100% { -webkit-transform: translateY(0); transform: translateY(0); } }
        @keyframes bubbles { 33%: { -webkit-transform: translateY(10px); transform: translateY(10px); } 66% { -webkit-transform: translateY(-10px); transform: translateY(-10px); } 100% {
    -webkit-transform: translateY(0); transform: translateY(0); } }
        .bubbles { background-color: #404040; width:15px; height: 15px; margin:2px; border-radius:100%; -webkit-animation:bubbles 0.6s 0.07s infinite ease-in-out; animation:bubbles 0.6s 0.07s infinite ease-in-out; -webkit-animation-fill-mode:both; animation-fill-mode:both; display:inline-block; }   </style>
            <script type="text/javascript">   //
                <![CDATA[   (function(){
        var a = function() {try{return !!window.addEventListener} catch(e) {return !1} },
        b = function(b, c) {a() ? document.addEventListener("DOMContentLoaded", b, c) : document.attachEvent("onreadystatechange", b)};
        b(function(){
          var a = document.getElementById('cf-content');a.style.display = 'block';
          setTimeout(function(){
            var s,t,o,p,b,r,e,a,k,i,n,g,f, zHvFeWz={"vFQLFVZTSM":+((!+[]+!![]+!![]+[])+(!+[]+!![]+!![]+!![]+!![]+!![]+!![]))};
            t = document.createElement('div');
            t.innerHTML="<a href='/'>x</a>";
            t = t.firstChild.href;r = t.match(/https?:\/\//)[0];
            t = t.substr(r.length); t = t.substr(0,t.length-1);
            a = document.getElementById('jschl-answer');
            f = document.getElementById('challenge-form');
            ;zHvFeWz.vFQLFVZTSM+=+((+!![]+[])+(+!![]));zHvFeWz.vFQLFVZTSM-=+((!+[]+!![]+[])+(+!![]));zHvFeWz.vFQLFVZTSM*=+((!+[]+!![]+[])+(+!![]));zHvFeWz.vFQLFVZTSM+=+((!+[]+!![]+!![]+!![]+[])+(+!![]));zHvFeWz.vFQLFVZTSM*=+((!+[]+!![]+!![]+!![]+[])+(+[]));zHvFeWz.vFQLFVZTSM*=+((!+[]+!![]+!![]+!![]+[])+(+!![]));zHvFeWz.vFQLFVZTSM+=+((+!![]+[])+(!+[]+!![]));zHvFeWz.vFQLFVZTSM+=+((!+[]+!![]+!![]+!![]+[])+(!+[]+!![]+!![]+!![]+!![]));a.value
    = parseInt(zHvFeWz.vFQLFVZTSM, 10) + t.length; '; 121'
            f.action += location.hash;
            f.submit();
          }, 4000);
        }, false);   })();   //]]>
            </script>
        </head>
        <body>
            <table width="100%" height="100%" cellpadding="20">
                <tr>
                    <td align="center" valign="middle">
                        <div class="cf-browser-verification cf-im-under-attack">
                            <noscript>
                                <h1 data-translate="turn_on_js" style="color:#bd2426;">Please turn JavaScript on and reload the page.</h1>
                            </noscript>
                            <div id="cf-content" style="display:none">
                                <div>
                                    <div class="bubbles"></div>
                                    <div class="bubbles"></div>
                                    <div class="bubbles"></div>
                                </div>
                                <h1>
                                    <span data-translate="checking_browser">Checking your browser before accessing</span> btcxindia.com.
                                </h1>
                                <p data-translate="process_is_automatic">This process is automatic. Your browser will redirect to your requested content shortly.</p>
                                <p data-translate="allow_5_secs">Please allow up to 5 seconds&hellip;</p>
                            </div>
                            <form id="challenge-form" action="/cdn-cgi/l/chk_jschl" method="get">
                                <input type="hidden" name="jschl_vc" value="dbc7ac6d545de8521a2a3f24574a78a4"/>
                                <input type="hidden" name="pass" value="1516515065.895-rdlkMQJ0RT"/>
                                <input type="hidden" id="jschl-answer" name="jschl_answer"/>
                            </form>
                        </div>
                        <div class="attribution">
                            <a href="https://www.cloudflare.com/5xx-error-landing?utm_source=iuam" target="_blank" style="font-size: 12px;">DDoS protection by Cloudflare</a>
                            <br>
                Ray ID: 3e081d20db788866
    
                        </div>
                    </td>
                </tr>
            </table>
        </body> </html>
    
    1. 但是,如果从浏览器测试时使用相同的API,即使我多次尝试也不会失败。
    2. 修改-1 谢谢你的意见。我想提供更多细节。请从DEV工具中找到附图 enter image description here

      第1步:在POSTMAN中执行请求。请找到结果

      以下是我能找到的自动填充标题详细信息

      alternate-protocol →443:spdy/3.1
      cache-control →no-store, no-cache
      cf-ray →3e19a7fc98652f11-DEL
      content-encoding →gzip
      content-type →application/json
      date →Tue, 23 Jan 2018 09:16:48 GMT
      expect-ct →max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
      expires →0
      pragma →no-cache
      server →cloudflare
      status →200
      strict-transport-security →max-age=31536000
      vary →Accept-Encoding
      

      Cookie详细信息 enter image description here

      enter image description here

      第2步:5分钟后,我只是点击发送邮差 - 我收到以下错误

      <!DOCTYPE HTML> <html lang="en-US">
          <head>
              <meta charset="UTF-8" />
              <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
              <meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1" />
              <meta name="robots" content="noindex, nofollow" />
              <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" />
              <title>Just a moment...</title>
              <style type="text/css">
          html, body {width: 100%; height: 100%; margin: 0; padding: 0;}
          body {background-color: #ffffff; font-family: Helvetica, Arial, sans-serif; font-size: 100%;}
          h1 {font-size: 1.5em; color: #404040; text-align: center;}
          p {font-size: 1em; color: #404040; text-align: center; margin: 10px 0 0 0;}
          #spinner {margin: 0 auto 30px auto; display: block;}
          .attribution {margin-top: 20px;}
          @-webkit-keyframes bubbles { 33%: { -webkit-transform: translateY(10px); transform: translateY(10px); } 66% {
      -webkit-transform: translateY(-10px); transform: translateY(-10px); } 100% { -webkit-transform: translateY(0); transform: translateY(0); } }
          @keyframes bubbles { 33%: { -webkit-transform: translateY(10px); transform: translateY(10px); } 66% { -webkit-transform: translateY(-10px); transform: translateY(-10px); } 100% {
      -webkit-transform: translateY(0); transform: translateY(0); } }
          .bubbles { background-color: #404040; width:15px; height: 15px; margin:2px; border-radius:100%; -webkit-animation:bubbles 0.6s 0.07s infinite ease-in-out; animation:bubbles 0.6s 0.07s infinite ease-in-out; -webkit-animation-fill-mode:both; animation-fill-mode:both; display:inline-block; }   </style>
              <script type="text/javascript">   //
                  <![CDATA[   (function(){
          var a = function() {try{return !!window.addEventListener} catch(e) {return !1} },
          b = function(b, c) {a() ? document.addEventListener("DOMContentLoaded", b, c) : document.attachEvent("onreadystatechange", b)};
          b(function(){
            var a = document.getElementById('cf-content');a.style.display = 'block';
            setTimeout(function(){
              var s,t,o,p,b,r,e,a,k,i,n,g,f, gabJCII={"Hoov":+((!+[]+!![]+!![]+[])+(!+[]+!![]))};
              t = document.createElement('div');
              t.innerHTML="<a href='/'>x</a>";
              t = t.firstChild.href;r = t.match(/https?:\/\//)[0];
              t = t.substr(r.length); t = t.substr(0,t.length-1);
              a = document.getElementById('jschl-answer');
              f = document.getElementById('challenge-form');
              ;gabJCII.Hoov-=+((!+[]+!![]+!![]+[])+(!+[]+!![]));a.value = parseInt(gabJCII.Hoov, 10) + t.length; '; 121'
              f.action += location.hash;
              f.submit();
            }, 4000);
          }, false);   })();   //]]>
              </script>
          </head>
          <body>
              <table width="100%" height="100%" cellpadding="20">
                  <tr>
                      <td align="center" valign="middle">
                          <div class="cf-browser-verification cf-im-under-attack">
                              <noscript>
                                  <h1 data-translate="turn_on_js" style="color:#bd2426;">Please turn JavaScript on and reload the page.</h1>
                              </noscript>
                              <div id="cf-content" style="display:none">
                                  <div>
                                      <div class="bubbles"></div>
                                      <div class="bubbles"></div>
                                      <div class="bubbles"></div>
                                  </div>
                                  <h1>
                                      <span data-translate="checking_browser">Checking your browser before accessing</span> btcxindia.com.
                                  </h1>
                                  <p data-translate="process_is_automatic">This process is automatic. Your browser will redirect to your requested content shortly.</p>
                                  <p data-translate="allow_5_secs">Please allow up to 5 seconds&hellip;</p>
                              </div>
                              <form id="challenge-form" action="/cdn-cgi/l/chk_jschl" method="get">
                                  <input type="hidden" name="jschl_vc" value="f4e119ff9275afc0a1dd291cd3ecf994"/>
                                  <input type="hidden" name="pass" value="1516699334.127-JXvj0i+E1V"/>
                                  <input type="hidden" id="jschl-answer" name="jschl_answer"/>
                              </form>
                          </div>
                          <div class="attribution">
                              <a href="https://www.cloudflare.com/5xx-error-landing?utm_source=iuam" target="_blank" style="font-size: 12px;">DDoS protection by Cloudflare</a>
                              <br>
                  Ray ID: 3e19afdd4f322f11
      
                          </div>
                      </td>
                  </tr>
              </table>
          </body> </html>
      

      标题详情

      cache-control →no-cache
      cf-ray →3e19afdd4f322f11-DEL
      content-type →text/html; charset=UTF-8
      date →Tue, 23 Jan 2018 09:22:10 GMT
      expect-ct →max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
      server →cloudflare
      status →503
      x-frame-options →SAMEORIGIN
      

      Cookie详细信息 enter image description here

1 个答案:

答案 0 :(得分:0)

这可能不是针对您情况的确切解决方案,但是有一个名为Interceptor的Chrome扩展程序,该扩展程序可让您通过Chrome重定向邮递员查询。如果您需要经常使用它并且不想手动复制cookie等,这可能是一个很好的选择。

  

检查您的邮递员是否能够与Interceptor进行交互,而最新的Linux snap v6.7.1则不能!

检查:How do I access Chrome's cookies in Postman's Chrome App 和:Interceptor extension