使用Python请求会话进行多个请求时,权限被拒绝

时间:2019-02-05 21:14:47

标签: python python-3.x http python-requests

我正在尝试使用python自动执行2个请求,第一个请求是GET,第二个请求是POST

这是我使用Chrome手动进行操作的方式,

我在Chrome浏览器上访问了http://testserver/index。 它提示我NTLM登录。我提供了成功的用户名/密码。然后我转到另一页, http://testserver/find_user并输入username进行搜索。我按Enter键,显示结果。

然后,我从Chrome复制curl请求,将其转换为python代码并获得了此请求,

import requests

with requests.Session() as session:
    session.auth = HttpNtlmAuth("DOSTR\\TESTUSER", getpass.getpass('Password:'))

    url = "http://testserver/find_user"

    payload = "username=test"

    headers = {
        'Connection': "keep-alive",
        'Cache-Control': "max-age=0",
        'Origin': "http://testserver",
        'Upgrade-Insecure-Requests': "1",
        'Content-Type': "application/x-www-form-urlencoded",
        'User-Agent': "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36",
        'Accept': "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8",
        'Referer': "http://testserver/find_user?thread=2&aftk-687=-719740030",
        'Accept-Encoding': "gzip, deflate",
        'Accept-Language': "en-GB,en-US;q=0.9,en;q=0.8",
        'Cookie': "JSESSIONID=4D8270489027BCD04777AAB32769B3A9; lang=en; mode=index"
        }

    response = session.request("POST", url, data=payload, headers=headers)

    print(response.text)

以上要求有效。

但是问题是我必须使用Chrome发出第一个请求以生成Cookie。

所以我也尝试使用Python发出第一个请求,并在第二个请求中使用它的cookie

with requests.Session() as session:
    session.auth = HttpNtlmAuth("DOSTR\\TESTUSER", getpass.getpass('Password:'))
    url = "http://testserver/index" 
    headers = {
        'Connection': "keep-alive",
        'Upgrade-Insecure-Requests': "1",
        'User-Agent': "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36",
        'Accept': "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8",
        'Accept-Encoding': "gzip, deflate",
        'Accept-Language': "en-GB,en-US;q=0.9,en;q=0.8"
        }

    response = session.request("GET", url, headers=headers, allow_redirects=True)

    # now 2nd request in same session with cookies of above response.

    url = "http://testserver/find_user"

    payload = "username=test"

    headers = {
        'Connection': "keep-alive",
        'Cache-Control': "max-age=0",
        'Origin': "http://testserver",
        'Upgrade-Insecure-Requests': "1",
        'Content-Type': "application/x-www-form-urlencoded",
        'User-Agent': "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36",
        'Accept': "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8",
        'Referer': "http://testserver/find_user?thread=2&aftk-687=-719740030",
        'Accept-Encoding': "gzip, deflate",
        'Accept-Language': "en-GB,en-US;q=0.9,en;q=0.8"
        }

    response = session.request("POST", url, data=payload, headers=headers, cookies=response.cookies)

    print(response.text)

但是我在第二个请求上总是遇到拒绝权限错误(GET请求成功,如果打印输出,我可以看到输出)

仅当我在Chrome生成的第二个请求中使用Cookie时,它才有效,但当我使用python生成这些Cookie时,它不起作用

我不确定为什么第一个请求中的cookie在第二个请求中不起作用。

有人可以告诉我我在做什么错吗?

编辑:

Chrome中GET请求的响应标头,

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html;charset=UTF-8
Content-Encoding: gzip
Expires: Sat, 6 May 1995 12:00:00 GMT
Server: Microsoft-IIS/7.5
X-Frame-Options: DENY
Set-Cookie: JSESSIONID=F8DC91356195C0D1730638B81A60F6EB; Path=/index/; HttpOnly
Set-Cookie: lang=en; Expires=Mon, 09-Apr-2068 18:49:54 GMT
Persistent-Auth: true
X-Powered-By: ASP.NET
Date: Tue, 05 Feb 2019 21:24:57 GMT
Content-Length: 13267

Python中GET请求的响应标头,

{'Cache-Control': 'no-store, no-cache, must-revalidate, post-check=0, pre-check=0', 'Pragma': 'no-cache', 'Content-Length': '984', 'Content-Type': 'text/html;charset=UTF-8',
 'Content-Encoding': 'gzip', 'Expires': 'Sat, 6 May 1995 12:00:00 GMT', 'Server': 'Microsoft-IIS/7.5', 'X-Frame-Options': 'DENY', 'Set-Cookie': 'JSESSIONID=EF3589A5EC319542C6254C16418F6265; Path=/index/; HttpOnly', 'Persistent-Auth': 'true', 'X-Powered-By': 'ASP.NET', 'Date': 'Tue, 05 Feb 2019 21:27:33 GMT'}

0 个答案:

没有答案