我正在尝试使用python自动执行2个请求,第一个请求是GET
,第二个请求是POST
这是我使用Chrome手动进行操作的方式,
我在Chrome浏览器上访问了http://testserver/index
。
它提示我NTLM
登录。我提供了成功的用户名/密码。然后我转到另一页,
http://testserver/find_user
并输入username
进行搜索。我按Enter键,显示结果。
然后,我从Chrome复制curl
请求,将其转换为python代码并获得了此请求,
import requests
with requests.Session() as session:
session.auth = HttpNtlmAuth("DOSTR\\TESTUSER", getpass.getpass('Password:'))
url = "http://testserver/find_user"
payload = "username=test"
headers = {
'Connection': "keep-alive",
'Cache-Control': "max-age=0",
'Origin': "http://testserver",
'Upgrade-Insecure-Requests': "1",
'Content-Type': "application/x-www-form-urlencoded",
'User-Agent': "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36",
'Accept': "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8",
'Referer': "http://testserver/find_user?thread=2&aftk-687=-719740030",
'Accept-Encoding': "gzip, deflate",
'Accept-Language': "en-GB,en-US;q=0.9,en;q=0.8",
'Cookie': "JSESSIONID=4D8270489027BCD04777AAB32769B3A9; lang=en; mode=index"
}
response = session.request("POST", url, data=payload, headers=headers)
print(response.text)
以上要求有效。
但是问题是我必须使用Chrome发出第一个请求以生成Cookie。
所以我也尝试使用Python发出第一个请求,并在第二个请求中使用它的cookie
with requests.Session() as session:
session.auth = HttpNtlmAuth("DOSTR\\TESTUSER", getpass.getpass('Password:'))
url = "http://testserver/index"
headers = {
'Connection': "keep-alive",
'Upgrade-Insecure-Requests': "1",
'User-Agent': "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36",
'Accept': "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8",
'Accept-Encoding': "gzip, deflate",
'Accept-Language': "en-GB,en-US;q=0.9,en;q=0.8"
}
response = session.request("GET", url, headers=headers, allow_redirects=True)
# now 2nd request in same session with cookies of above response.
url = "http://testserver/find_user"
payload = "username=test"
headers = {
'Connection': "keep-alive",
'Cache-Control': "max-age=0",
'Origin': "http://testserver",
'Upgrade-Insecure-Requests': "1",
'Content-Type': "application/x-www-form-urlencoded",
'User-Agent': "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36",
'Accept': "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8",
'Referer': "http://testserver/find_user?thread=2&aftk-687=-719740030",
'Accept-Encoding': "gzip, deflate",
'Accept-Language': "en-GB,en-US;q=0.9,en;q=0.8"
}
response = session.request("POST", url, data=payload, headers=headers, cookies=response.cookies)
print(response.text)
但是我在第二个请求上总是遇到拒绝权限错误(GET
请求成功,如果打印输出,我可以看到输出)
仅当我在Chrome生成的第二个请求中使用Cookie时,它才有效,但当我使用python生成这些Cookie时,它不起作用
我不确定为什么第一个请求中的cookie在第二个请求中不起作用。
有人可以告诉我我在做什么错吗?
编辑:
Chrome中GET
请求的响应标头,
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html;charset=UTF-8
Content-Encoding: gzip
Expires: Sat, 6 May 1995 12:00:00 GMT
Server: Microsoft-IIS/7.5
X-Frame-Options: DENY
Set-Cookie: JSESSIONID=F8DC91356195C0D1730638B81A60F6EB; Path=/index/; HttpOnly
Set-Cookie: lang=en; Expires=Mon, 09-Apr-2068 18:49:54 GMT
Persistent-Auth: true
X-Powered-By: ASP.NET
Date: Tue, 05 Feb 2019 21:24:57 GMT
Content-Length: 13267
Python中GET
请求的响应标头,
{'Cache-Control': 'no-store, no-cache, must-revalidate, post-check=0, pre-check=0', 'Pragma': 'no-cache', 'Content-Length': '984', 'Content-Type': 'text/html;charset=UTF-8',
'Content-Encoding': 'gzip', 'Expires': 'Sat, 6 May 1995 12:00:00 GMT', 'Server': 'Microsoft-IIS/7.5', 'X-Frame-Options': 'DENY', 'Set-Cookie': 'JSESSIONID=EF3589A5EC319542C6254C16418F6265; Path=/index/; HttpOnly', 'Persistent-Auth': 'true', 'X-Powered-By': 'ASP.NET', 'Date': 'Tue, 05 Feb 2019 21:27:33 GMT'}