我有一个原生应用程序,它向位于 nginx 反向代理后面的基于 Flask 的 Web 应用程序发送 POST 请求,以供用户登录。
这是登录代码:
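/**
 * Sign in against the web app's `signin` endpoint.
 *
 * Sends `email`/`password` (plus the `confirm` copy the form expects) as a
 * JSON body, carrying the CSRF token in the `X-CSRFToken` header.
 *
 * @param {string} csrf - CSRF token sent in the `X-CSRFToken` header.
 * @param {string} email
 * @param {string} password
 * @param {*} data - Value the returned promise resolves with on success.
 * @returns {Promise<*>} Resolves with `data` when the server answers with
 *   `status: 'success'`.
 * @throws {Error} With the server's `flash` message, the extracted form
 *   errors, or a generic message when the response has none of the expected
 *   shapes (previously such responses silently resolved with `undefined`,
 *   which a caller could mistake for a successful login).
 */
async function signInPost(csrf, email, password, data) {
  const reqBody = {
    email,
    password,
    confirm: password,
  };
  // `host`, `dispatchEndpoint`, `request` and `extractErrors` come from module scope.
  const url = dispatchEndpoint(host, "signin");
  const resp = await request.post(url, reqBody, {
    headers: {
      'Accept': 'application/json',
      // Sent without a charset parameter: per the thread, the server matched
      // this header strictly and rejected the body otherwise.
      'Content-Type': 'application/json',
      'X-CSRFToken': csrf,
    },
  });
  const respBody = resp.data;

  // A non-JSON body (e.g. an HTML error page from the proxy) must never be
  // treated as a login result.
  if (respBody === null || typeof respBody !== 'object') {
    throw new Error('Unexpected non-JSON response from signin endpoint');
  }

  // Call through Object.prototype so a response body that happens to carry a
  // `hasOwnProperty` key cannot shadow the method.
  const has = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

  if (respBody.status === 'success') {
    return data;
  }
  if (has(respBody, 'flash')) {
    throw new Error(respBody.flash);
  }
  if (has(respBody, 'form') && respBody.form != null && has(respBody.form, 'errors')) {
    throw new Error(extractErrors(respBody.form.errors));
  }
  // Unrecognised response shape: fail explicitly instead of resolving with undefined.
  throw new Error('Unexpected signin response');
}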
从该应用的iOS版本开始,请求已正常到达Web应用(我将凭据的实际值置为空白):
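/**
 * Sign in against the web app's `signin` endpoint.
 *
 * Sends `email`/`password` (plus the `confirm` copy the form expects) as a
 * JSON body, carrying the CSRF token in the `X-CSRFToken` header.
 *
 * @param {string} csrf - CSRF token sent in the `X-CSRFToken` header.
 * @param {string} email
 * @param {string} password
 * @param {*} data - Value the returned promise resolves with on success.
 * @returns {Promise<*>} Resolves with `data` when the server answers with
 *   `status: 'success'`.
 * @throws {Error} With the server's `flash` message, the extracted form
 *   errors, or a generic message when the response has none of the expected
 *   shapes (previously such responses silently resolved with `undefined`,
 *   which a caller could mistake for a successful login).
 */
async function signInPost(csrf, email, password, data) {
  const reqBody = {
    email,
    password,
    confirm: password,
  };
  // `host`, `dispatchEndpoint`, `request` and `extractErrors` come from module scope.
  const url = dispatchEndpoint(host, "signin");
  const resp = await request.post(url, reqBody, {
    headers: {
      'Accept': 'application/json',
      // Sent without a charset parameter: per the thread, the server matched
      // this header strictly and rejected the body otherwise.
      'Content-Type': 'application/json',
      'X-CSRFToken': csrf,
    },
  });
  const respBody = resp.data;

  // A non-JSON body (e.g. an HTML error page from the proxy) must never be
  // treated as a login result.
  if (respBody === null || typeof respBody !== 'object') {
    throw new Error('Unexpected non-JSON response from signin endpoint');
  }

  // Call through Object.prototype so a response body that happens to carry a
  // `hasOwnProperty` key cannot shadow the method.
  const has = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

  if (respBody.status === 'success') {
    return data;
  }
  if (has(respBody, 'flash')) {
    throw new Error(respBody.flash);
  }
  if (has(respBody, 'form') && respBody.form != null && has(respBody.form, 'errors')) {
    throw new Error(extractErrors(respBody.form.errors));
  }
  // Unrecognised response shape: fail explicitly instead of resolving with undefined.
  throw new Error('Unexpected signin response');
}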
但是,当我尝试从该应用的Android版本登录时,我得到一个空的请求正文:
POST request: http://127.0.0.1:5000/account/signin?response_format=json
Cookie: session=.eJxFzM0KgkAQAOBXiTl3CHUvggdjVfawI8LWMnMRKssd-4EKIsV3z1vfA3wTtOEE6QSrA6Rgq31Ab74UsaAue6wKhZIr1jZhMQm5RtFoP-xNBvMajq_nuX0_hu7-L6S8ousDShPbkW-1p5gdCjuKa51HXPHS7hKSrWDEA-piQ5ds6eYf7H0rzg.DhhP-A.v57cBRLglqzc6jhAr77bz_nBs0A
X-Csrftoken: 1530317960.89##2b9b575ddb01994c9350770e93533192d6435bfb
Content-Length: 84
User-Agent: Globalme/1 CFNetwork/901.1 Darwin/17.6.0
Connection: close
Host: 127.0.0.1:5000
Accept: application/json
Accept-Language: en-us
Content-Type: application/json
Accept-Encoding: br, gzip, deflate
Body:
password:-------
email:--------
confirm:------
Body FULL:
MultiDict([(u'password', u'------'), (u'email', u'------'), (u'confirm', u'-----')])
两个POST请求的Content-Length几乎一致,因此我怀疑是nginx的某种安全机制在起作用,或者是服务器上的其他问题。
请注意,两个应用程序仍处于开发模式,尚未签名。
感谢您提供的任何帮助。
更新:我刚刚扩展了Nginx的日志格式以记录请求体(这会把登录凭据明文写入日志,调试完成后应当撤销),Android版本的请求体显示如下:
POST request: http://127.0.0.1:5000/account/signin?response_format=json
Cookie: session=.eJw9zN0KgjAUAOBXiXPdRciuBC8CdSw4RyZbst0I_bE2LahgOvHd66rvAb4F-vsF8gU2J8iBOh0xUUBlXaMCw07OxKtox4pRaoPxIaHCmUpRwLqF8_t16z_PcH38C9NpRrwe7CgjZeSa8hgsNxNxEa0XO-PbAZOeSNXOJJkwOzjaF79u_QKH-S4O.DhhTsw.Uykv39nl_1AwTaDc-HzP_l0y3bY
X-Csrftoken: 1530318915.4##0031a56bb2a1440dc05343e8ae59ebd043be765e
Content-Length: 85
User-Agent: okhttp/3.6.0
Connection: close
Host: 127.0.0.1:5000
Accept: application/json
Content-Type: application/json;charset=utf-8
Accept-Encoding: gzip
Body:
Body FULL:
ImmutableMultiDict([])
Nginx是否有可能在记录日志之后“清理”掉请求体?还是这与我基于Flask的Web应用程序有关?
答案 0 :(得分:0)
服务器端代码确实是罪魁祸首。在请求处理的某个环节,它严格地只接受“application/json”。
iOS 发送的 Content-Type 标头正是“application/json”,但是 Android 发送的是“application/json;charset=utf-8”。
我在服务器端修复了这一点,问题随之解决。