- 论坛徽章:
- 0
|
C#代码如下:
login 页面有一个button click事件来生成 Session
protected void OnBtnLoginClicked(object sender, EventArgs e)
{
.................
Session["UserID"] = user.User_Id;
}
数据处理页面会首先验证这个session然后才去处理数据。
private void Operation(string operation, HttpContext context)
{
if (HttpContext.Current.Session["UserID"] != null)
{ ........
context.Response.Write(json);
}
}
python 脚本如下:账号密码post方式登录成功以后继续post数据处理页面“AuditTrailHandler.ashx?operation=getlogisticactionlist”。这个数据处理页面有Session的验证,如果没有检测到Session就不返回数据。现在的情况就是对数据处理页面post之后没有返回值,对网站程序进行跟踪调试发现是HttpContext.Current.Session["UserID"] 没有生成出来。
import requests
import json
import time
ses = requests.session()
urlLogin = 'http://localhost:58528/login.aspx'
header = {
'Request': 'GET /login.aspx HTTP/1.1',
'Accept': 'text/html, application/xhtml+xml,*/*',
'Accept-Language': 'en-US',
'User-Agent': 'Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko',
'Accept-Encoding': 'gzip, deflate',
'Host': 'localhost:58528',
'Connection': 'Keep-Alive',
'Cache-Control': 'no-cache',
}
res = ses.get(url=urlLogin, headers=header)
print(res.url)
print('%s%s' % ("Get Cookies from Login", ses.cookies))
#print('%s%s' % ("Get Dict Cookies from Login", requests.utils.dict_from_cookiejar(ses.cookies)))
print('---------------------------------------------------------------------------')
header = {
'Request': 'POST /login.aspx HTTP/1.1',
'Accept': 'text/html, application/xhtml+xml,*/*',
'Referer': 'http://localhost:58528/login.aspx',
'Accept-Language': 'en-US',
'User-Agent': 'Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko',
'Content-Type': 'application/x-www-form-urlencoded',
'Accept-Encoding': 'gzip, deflate',
'Host': 'localhost',
'Content-Length': '560',
'Connection': 'Keep-Alive',
'Cache-Control': 'no-cache',
}
postData = {
'txtUserCode': 'engineer',
'txtPassword': 'password',
'__VIEWSTATE': "/wEPDwUJMjEzNDc0MjMzD2QWAgIDD2QWAgIFDxAPFgoeDURhdGFUZXh0RmllbGQFBFRleHQeFERhdGFUZXh0Rm9ybWF0U3RyaW5nBQV+ezB9fh4ORGF0YVZhbHVlRmllbGQFBENvZGUeC18hRGF0YUJvdW5kZx4HVmlzaWJsZWhkEBUCCX5FbmdsaXNofgx+TmVkZXJsYW5kc34VAgVlbi11cwVubC1ubBQrAwJnZxYBAgFkZA5CIqmPu1gpiKJwNGIaW01ArNfVuv5gt9jZnsCu3XrU",
'__VIEWSTATEGENERATOR': "C2EE9ABB",
'__EVENTVALIDATION': "/wEdAASZmKzqXkMRySpI0tNIsptWtw1OCjuD6m42paJnlnFE+HY2+Mc6SrnAqio3oCKbxYainihG6d/Xh3PZm3b5AoMQgZUkuPOMExPAXVeeZnfeRPwQHseHUpXLNswgqYW3qWg=",
'btnLogin': "Sign In",
}
res = ses.post(url=urlLogin, headers=header, data=postData, cookies=ses.cookies)
print(res.url)
print('%s%s' % ("Cookies from Login", ses.cookies))
print('---------------------------------------------------------------------------')
logisticUrl = "http://localhost:58528/Views/handlers/AuditTrailHandler.ashx?operation=getlogisticactionlist"
header = {
'Accept': '*/*',
'Accept-Encoding': 'gzip, deflate',
'Accept-Language': 'zh-CN,zh;q=0.9',
'Connection': 'keep-alive',
'Content-Length': '97',
'Content-Type': 'application/x-www-form-urlencoded; charset=UTF-8',
'Host': 'localhost:58528',
'Origin': 'http://localhost:58528',
'Referer': 'http://localhost:58528/Views/AuditTrail/LogisticActionList.aspx',
'User-Agent': 'Mozilla/5.0 (Linux; Android 6.0;'
'Nexus 5 Build/MRA58N) AppleWebKit/537.36 '
'(KHTML, like Gecko) Chrome/63.0.3239.132 Mobile Safari/537.36',
'X-Requested-With': 'XMLHttpRequest'
}
postData = json.dumps({'pageIndex': 1, 'beginDate': '2018-04-16', 'endDate': '2018-04-17',
'orderNumber': None, 'sortIndx': None, 'sortDir': None})
res = ses.post(url=logisticUrl, headers=header, data=postData, cookies=ses.cookies)
print(res.url)
st = '%s%s' % ('Access handler Page status: ', res.status_code)
print(st)
st = '%s%s' % ('Handler Page Cookies: ', ses.cookies)
print(st)
print(tuple(ses.cookies))
st = '%s%s' % ('Handler Page Header: ', res.headers)
print(st)
st = '%s%s' % ('Handler Page Test: ', res.content)
print(st)
|
|