多段POST请求返回403禁止

时间:2020-03-09 18:46:20

标签: c# post xmlhttprequest

**向Xenforo论坛发出了请求,以发布消息(我正在制作PC客户端,目的是为用户制作工具) EDIT :提及:我能够正确登录,但该数据包使用url参数,而不是带有边界的多部分参数。也许我可以通过某种方式将此参数作为参数发送?

这是我要发出的请求:

content-type: multipart/form-data; boundary=----WebKitFormBoundaryXbKA9LAnz7mtDrMB
content-length: 1362
x-requested-with: XMLHttpRequest

表格数据:

------WebKitFormBoundaryXbKA9LAnz7mtDrMB
Content-Disposition: form-data; name="message_html"

<p>Message here</p>
------WebKitFormBoundaryXbKA9LAnz7mtDrMB
Content-Disposition: form-data; name="attachment_hash"

eb1e7f44621360ec2dbffade55b211ce
------WebKitFormBoundaryXbKA9LAnz7mtDrMB
Content-Disposition: form-data; name="attachment_hash_combined"

{"type":"post","context":{"thread_id":3075},"hash":"eb1e7f44621360ec2dbffade55b211ce"}
------WebKitFormBoundaryXbKA9LAnz7mtDrMB
Content-Disposition: form-data; name="last_date"

1583778299
------WebKitFormBoundaryXbKA9LAnz7mtDrMB
Content-Disposition: form-data; name="last_known_date"

1583778299
------WebKitFormBoundaryXbKA9LAnz7mtDrMB
Content-Disposition: form-data; name="_xfToken"

143712896,f80153fecc37cd40d1796092b6f2ba53
------WebKitFormBoundaryXbKA9LAnz7mtDrMB
Content-Disposition: form-data; name="_xfRequestUri"

/threads/123
------WebKitFormBoundaryXbKA9LAnz7mtDrMB
Content-Disposition: form-data; name="_xfWithData"

1
------WebKitFormBoundaryXbKA9LAnz7mtDrMB
Content-Disposition: form-data; name="_xfToken"

143712896,f80153fecc37cd40d1796092b6f2ba53
------WebKitFormBoundaryXbKA9LAnz7mtDrMB
Content-Disposition: form-data; name="_xfResponseType"

json
------WebKitFormBoundaryXbKA9LAnz7mtDrMB--

这是我实现它的方法(使用HttpWebRequest):

 LoginReq.Method = "POST";
                    LoginReq.KeepAlive = true;
                    LoginReq.CookieContainer = Cookies;
                    LoginReq.ContentType = "multipart/form-data; boundary=" + Boundary;
                    LoginReq.Referer = "xenforo.com";
                    LoginReq.UserAgent = UA;

                    MemoryStream PostDataStream = new MemoryStream();
                    StreamWriter FormDataWriter = new StreamWriter(PostDataStream);

                    FormDataWriter.Write("\r\n--" + Boundary + "\r\n");
                    FormDataWriter.Write("Content-Disposition: form-data; name=\"message_html\"\r\n\r\n<p>{0}</p>", Message);
                    FormDataWriter.Write("\r\n--" + Boundary + "\r\n");
                    FormDataWriter.Write("Content-Disposition: form-data; name=\"attachment_hash\"\r\n\r\n1fc9b3ba411cb2b7f2302320a4dea08f");
                    FormDataWriter.Write("\r\n--" + Boundary + "\r\n");
                    FormDataWriter.Write("Content-Disposition: form-data; name=\"attachment_hash_combined\"\r\n\r\n{\"type\":\"post\",\"context\":{\"thread_id\":3060},\"hash\":\"1fc9b3ba411cb2b7f2302320a4dea08f\"}");
                    FormDataWriter.Write("\r\n--" + Boundary + "\r\n");
                    FormDataWriter.Write("Content-Disposition: form-data; name=\"last_date\"\r\n\r\n1583767454");
                    FormDataWriter.Write("\r\n--" + Boundary + "\r\n");
                    FormDataWriter.Write("Content-Disposition: form-data; name=\"last_known_date\"\r\n\r\n1583767454");
                    FormDataWriter.Write("\r\n--" + Boundary + "\r\n");
                    FormDataWriter.Write("Content-Disposition: form-data; name=\"_xfToken\"\r\n\r\n143712896,f80153fecc37cd40d1796092b6f2ba53");
                    FormDataWriter.Write("\r\n--" + Boundary + "\r\n");
                    FormDataWriter.Write("Content-Disposition: form-data; name=\"_xfRequestUri\"\r\n\r\n/threads/123");
                    FormDataWriter.Write("\r\n--" + Boundary + "\r\n");
                    FormDataWriter.Write("Content-Disposition: form-data; name=\"_xfWithData\"\r\n\r\n1");
                    FormDataWriter.Write("\r\n--" + Boundary + "\r\n");
                    FormDataWriter.Write("Content-Disposition: form-data; name=\"_xfToken\"\r\n\r\n143712896,f80153fecc37cd40d1796092b6f2ba53");
                    FormDataWriter.Write("\r\n--" + Boundary + "\r\n");
                    FormDataWriter.Write("Content-Disposition: form-data; name=\"_xfResponseType\"\r\n\r\njson");
                    FormDataWriter.Write("\r\n--" + Boundary + "\r\n");

                    FormDataWriter.Write("\r\n--" + Boundary + "--\r\n");
                    FormDataWriter.Flush();

                    LoginReq.ContentLength = PostDataStream.Length;

                    using (Stream S = LoginReq.GetRequestStream())
                    {
                        PostDataStream.WriteTo(S);
                    }
                    PostDataStream.Close();

                    HttpWebResponse LoginResp = (HttpWebResponse)LoginReq.GetResponse();
                    Cookies.Add(LoginResp.Cookies);
                    LoginResp.Close();

几个问题:

1)我可以使用chrome的开发人员工具通过捕获请求数据包并重新发送来重新发送它,但是我不能从我那里重新发送它。我意识到这可能是xenforo令牌,但是我正在使用浏览器登录实例中的默认令牌。因为我无法使用我可以使用的xenforo API,是否有一种生成令牌的方法,这对将来的了解很有帮助

2)我不确定如何格式化请求流中的表单数据。我正在使用另一个教程使用的/ r / n。我知道/ r表示转到行的开头,而/ n表示换行符,但是为什么网站需要这些内容?我可以正确使用它们吗?

3)

0 个答案:

没有答案
相关问题
最新问题