带标头和数据的POST请求导致200 ok响应,但未添加用户

时间:2018-12-11 09:33:48

标签: python post python-requests postman

在创建此查询之前,在本主题中检查了很少的existing posts,并按照那里的步骤进行操作,仍然无法解决问题,因此请在此处再次提出解决方案。

以下是可从chrome中的检查元素“网络活动”中获取的握手代码。

Request URL: https://example.com/ne_rm/add/  
Request Method: POST
Status Code: 200 
Remote Address: 11.130.11.19:413
Referrer Policy: no-referrer-when-downgrade

accept-ranges: bytes
age: 0
cache-control: max-age=0
content-encoding: gzip
content-length: 22
content-type: text/html; charset=utf-8
date: Wed, 05 Dec 2018 09:27:21 GMT
expires: Wed, 05 Dec 2018 09:27:21 GMT
last-modified: Wed, 05 Dec 2018 09:27:21 GMT
server: tv
status: 200
vary: Accept-Encoding, Cookie
via: 1.1 varnish, 1.1 c34ac5faa133414ef7dde72a4f32c43d.cloudfront.net (CloudFront)
x-amz-cf-id: K3-mr0hE2iObHSoWssicdKTZzCGsWEUnSUSws1v-fln9jP1gT668sQ==
x-cache: Miss from cloudfront
x-frame-options: SAMEORIGIN
x-varnish: 3925923656

:authority: example.com
:method: POST
:path: /ne_rm/add/
:scheme: https
accept: application/json, text/javascript, */*; q=0.01
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
content-length: 72
content-type: application/x-www-form-urlencoded; charset=UTF-8
cookie: km_lv=x; _ga=GA1.2.927532329.1495375443; km_ai=xxx@mail.com;  km_ni=xx@gmail.com; sessionid=0j95mvy7sssxss41i6woawmj3nyqw11a; csrftoken=SDmN222meuuKexz3333nPXue2yw22TGV7dfff; _sp_id.df1c=15d71e85-964f-42ee-965a->4a9d8c0902ec.1538974408.1.1538974410.1538974408.37c368eb-6de7-4716-8e84->06b17f6e6914; __utmz=226258911.1539246301.382.19.utmcsr=google|utmccn=(organic)|utmcmd=organic|utmctr=(not%20provided); tv_ecuid=189b7a17-8451-4ae3-9443-3cec2dda407d; __utmc=226258911; _sp_ses.cf1a=*; __utma=226258911.927532329.1495375443.1543915752.1544001282.532; km_vs=1; _sp_id.cf1a=f53754cc-c8ba-42e2-a310-08566d71540d.1539169168.144.1544001661.1543915787.f1ddde18-9adf-4e88-a852-1485403f2587; kvcd=1544001661767; __utmb=226258911.10.9.1544001932454
origin: https://example.com
referer: https://example.com/script/Zo-Tester/
user-agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36
x-csrftoken: SDmN222meuuKexz3333nPXue2yw22TGV7dfff
x-language: in
x-requested-with: XMLHttpRequest

id: PUB;FMx5WvjpGrmETV username_recip: xxxxyyzzz

这里使用id和用户名作为数据,我想调用https://example.com/ne_rm/add/并将此用户名添加到列表中。使用POST Chrome扩展程序执行此操作时,我得到200 Ok作为响应,并且名称已添加到列表中。同时使用python代码执行此操作时,我确实获得了200 Ok作为响应代码,但操作未成功。

请注意POST浏览器在python中单独使用的最低运行要求是什么,但失败了。

您能帮我完成这项工作吗?

这是代码

import requests
import json

# *optional*, the site may not care about these. If they *do* care, then
# they care about keeping out automated scripts and could in future 
# raise the stakes and require more 'browser-like' markers. Ask yourself
# if you want to anger the site owners and get into an arms race.
headers = {
    'user-agent': 'Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36',
    'origin':'https://www.example.com',
    'referer':'https://example.com/script/Zo-Tester/',
    'x-csrftoken': 'SDmN222meuuKexz333nPXue2yw22TGV7dfff',
}

payload = {
    'x-csrftoken': 'SDmN222meuuKexz333nPXue2yw22TGV7dfff',
    'username_recip':'xxxxyyzzz',
    'pine_id':'PUB;FMx5WvjpGrmETV',
}

url = 'https://www.example.com/ne_rm/add/'
# the URL from the Referer header, but others at the site would probably
# also work
#Referrer URL
initial_url = 'https://example.com/script/Zo-Tester/'

with requests.Session() as session:
    # obtain CSRF cookie
    #initial_response  = session.get(initial_url)
    #payload['csrf_test_name'] = session.cookies['csrf_cookie_name']

    # Now actually post with the correct CSRF cookie
    response = session.post(url, headers=headers, data=payload)
    print(response)
    input("wait")

1 个答案:

答案 0 :(得分:-1)

您需要取消注释# obtain CSRF cookie的一部分以获得新的x-csrftoken,如果我在您的Chrome标头中看到它的id而不是pine_id

import requests
import json


headers = {
    'user-agent': 'Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36',
    'origin':'https://www.example.com',
    'referer':'https://example.com/script/Zo-Tester/',
}

payload = {
    'username_recip':'xxxxyyzzz',
    'pine_id':'PUB;FMx5WvjpGrmETV' # it should be 'id' ?
}

url = 'https://www.example.com/ne_rm/add/'
initial_url = 'https://example.com/script/Zo-Tester/'

with requests.Session() as session:
    # obtain CSRF cookie
    initial_response  = session.get(initial_url)
    headers['x-csrftoken'] = session.cookies['csrftoken']

    # Now actually post with the correct CSRF cookie
    response = session.post(url, headers=headers, data=payload)
    print(response)
    input("wait")