Ruby Mechanize 在身份验证重定向期间崩溃; sslv3 警报非法参数
我的脚本尝试通过表单登录网站。在身份验证过程中被重定向多次后,它会崩溃并显示 sslv3 警报非法参数。我想知道 cookie 是否发生了奇怪的事情,所以我用 DEBUG 输出检查了 HTML 标头。两个输出粘贴在下面。
其他一些奇怪的事情:click_button 和 submit 方法似乎做了不同的事情;也就是说,click_button 使重定向的执行时间更长一些,但它也会因上述错误而崩溃。 submit 不会使程序崩溃,但登录似乎也不起作用。我尝试在旧版本的 Ruby 上运行它,并且在使用 click_button 时错误变成 connection_refused 错误,并且在使用 submit 时行为相同。
这里是我在 .txt 的第一段中提到的输出,以防您发现下面的文本很困难阅读。
当我运行脚本时调试输出:
`I, [2010-11-15T17:52:20.462201 #22853] INFO -- : follow redirect to: htps://xx2web1.apps.XXXXXXXXX.com/BANPROD1/xxauthent.ss_md5_login?timestamp_in=1289814682&uin_in=XXXXXXXXX&digest_in=be34b4b470a0da1831c7c432e353c320
/usr/lib/ruby/1.9.1/net/http.rb:677:in 'connect': SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: sslv3 alert illegal parameter (OpenSSL::SSL::SSLError)
from /usr/lib/ruby/1.9.1/net/http.rb:677:in 'connect'
from /usr/lib/ruby/1.9.1/net/http.rb:637:in 'do_start'
from /usr/lib/ruby/1.9.1/net/http.rb:632:in 'start'
from /usr/lib/ruby/gems/1.9.1/gems/mechanize-1.0.0/lib/mechanize.rb:527:in 'fetch_page'
from /usr/lib/ruby/gems/1.9.1/gems/mechanize-1.0.0/lib/mechanize.rb:611:in 'fetch_page'
from /usr/lib/ruby/gems/1.9.1/gems/mechanize-1.0.0/lib/mechanize.rb:611:in 'fetch_page'
from /usr/lib/ruby/gems/1.9.1/gems/mechanize-1.0.0/lib/mechanize.rb:464:in 'post_form'
from /usr/lib/ruby/gems/1.9.1/gems/mechanize-1.0.0/lib/mechanize.rb:370:in 'submit'
from /usr/lib/ruby/gems/1.9.1/gems/mechanize-1.0.0/lib/mechanize/form.rb:141:in 'submit'
from /usr/lib/ruby/gems/1.9.1/gems/mechanize-1.0.0/lib/mechanize/form.rb:147:in 'click_button'
from ./courseChecker.rb:33:in 'block in '
from /usr/lib/ruby/gems/1.9.1/gems/mechanize-1.0.0/lib/mechanize.rb:262:in 'get'
from ./courseChecker.rb:26:in ''`
来自成功的 Firefox 登录的 HTML HEADERS TRACE:
`htps://xx2web1.apps.XXXXXXXXX.com/BANPROD1/xxauthent.ss_md5_login?timestamp_in=1289814134&uin_in=XXXXXXXXX&digest_in=d75483c390a2ab4ec0b939eaef7ecb1f` `GET /BANPROD1/xxauthent.ss_md5_login?timestamp_in=1289814134&uin_in=XXXXXXXXX&digest_in=d75483c390a2ab4ec0b939eaef7ecb1f HTTP/1.1 Host: xx2web1.apps.XXXXXXXXX.com User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.12) Gecko/20101027 Firefox/3.6.12 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: htps://eas.admin.XXXXXXXXX.com/eas/servlet/EasLogin?redirect=htps://webprod.admin.XXXXXXXXX.com/ssa/servlet/SelfServiceLogin?appName=com.XXXXXXXXX.aits.SelfServiceLogin&dad=BANPROD1 Cookie: RedirectString=https://webprod.admin.XXXXXXXXX.com/ssa/servlet/SelfServiceLogin?appName=com.XXXXXXXXX.aits.SelfServiceLogin&dad=BANPROD1; EnterpriseSessionId=8cc56f29-28de-4a01-96b8-6f58c30d6b6e-155.69.191.54; TESTID=test` `HTTP/1.1 200 OK Date: Mon, 15 Nov 2010 09:42:03 GMT Server: Oracle-Application-Server-10g/10.1.2.3.0 Oracle-HTTP-Server Content-Length: 228 Set-Cookie: SESSID=RTlCTzQ4MTc5NDAzOQ== Connection: close Content-Type: text/html; charset=UTF-8`
My script attempts to log into a website via a form. After being redirected several times during authentication, it crashes with an sslv3 alert illegal parameter. I was wondering if something weird was going on with the cookies so I checked the HTML headers with the DEBUG output. The two outputs are pasted below.
Some other weird things: the click_button and submit methods appear to do different things; namely, click_button gets the execution of the redirections to last a little longer, but it also crashes with the above error. submit doesn't crash the program, but the login doesn't appear to work either. I tried running it on an older version of Ruby and the error turns into a connection_refused error while using click_button and the behavior is identical while using submit.
DEBUG OUTPUT when I run the script:
`I, [2010-11-15T17:52:20.462201 #22853] INFO -- : follow redirect to: htps://xx2web1.apps.XXXXXXXXX.com/BANPROD1/xxauthent.ss_md5_login?timestamp_in=1289814682&uin_in=XXXXXXXXX&digest_in=be34b4b470a0da1831c7c432e353c320
/usr/lib/ruby/1.9.1/net/http.rb:677:in 'connect': SSL_connect returned=1 errno=0 state=SSLv2/v3 read server hello A: sslv3 alert illegal parameter (OpenSSL::SSL::SSLError)
from /usr/lib/ruby/1.9.1/net/http.rb:677:in 'connect'
from /usr/lib/ruby/1.9.1/net/http.rb:637:in 'do_start'
from /usr/lib/ruby/1.9.1/net/http.rb:632:in 'start'
from /usr/lib/ruby/gems/1.9.1/gems/mechanize-1.0.0/lib/mechanize.rb:527:in 'fetch_page'
from /usr/lib/ruby/gems/1.9.1/gems/mechanize-1.0.0/lib/mechanize.rb:611:in 'fetch_page'
from /usr/lib/ruby/gems/1.9.1/gems/mechanize-1.0.0/lib/mechanize.rb:611:in 'fetch_page'
from /usr/lib/ruby/gems/1.9.1/gems/mechanize-1.0.0/lib/mechanize.rb:464:in 'post_form'
from /usr/lib/ruby/gems/1.9.1/gems/mechanize-1.0.0/lib/mechanize.rb:370:in 'submit'
from /usr/lib/ruby/gems/1.9.1/gems/mechanize-1.0.0/lib/mechanize/form.rb:141:in 'submit'
from /usr/lib/ruby/gems/1.9.1/gems/mechanize-1.0.0/lib/mechanize/form.rb:147:in 'click_button'
from ./courseChecker.rb:33:in 'block in '
from /usr/lib/ruby/gems/1.9.1/gems/mechanize-1.0.0/lib/mechanize.rb:262:in 'get'
from ./courseChecker.rb:26:in ''`
HTML HEADERS TRACE from successful Firefox login:
`htps://xx2web1.apps.XXXXXXXXX.com/BANPROD1/xxauthent.ss_md5_login?timestamp_in=1289814134&uin_in=XXXXXXXXX&digest_in=d75483c390a2ab4ec0b939eaef7ecb1f` `GET /BANPROD1/xxauthent.ss_md5_login?timestamp_in=1289814134&uin_in=XXXXXXXXX&digest_in=d75483c390a2ab4ec0b939eaef7ecb1f HTTP/1.1 Host: xx2web1.apps.XXXXXXXXX.com User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.12) Gecko/20101027 Firefox/3.6.12 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: htps://eas.admin.XXXXXXXXX.com/eas/servlet/EasLogin?redirect=htps://webprod.admin.XXXXXXXXX.com/ssa/servlet/SelfServiceLogin?appName=com.XXXXXXXXX.aits.SelfServiceLogin&dad=BANPROD1 Cookie: RedirectString=https://webprod.admin.XXXXXXXXX.com/ssa/servlet/SelfServiceLogin?appName=com.XXXXXXXXX.aits.SelfServiceLogin&dad=BANPROD1; EnterpriseSessionId=8cc56f29-28de-4a01-96b8-6f58c30d6b6e-155.69.191.54; TESTID=test` `HTTP/1.1 200 OK Date: Mon, 15 Nov 2010 09:42:03 GMT Server: Oracle-Application-Server-10g/10.1.2.3.0 Oracle-HTTP-Server Content-Length: 228 Set-Cookie: SESSID=RTlCTzQ4MTc5NDAzOQ== Connection: close Content-Type: text/html; charset=UTF-8`
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
您是否尝试过让 Mechanize 通过代理(例如 Charles)进行访问,并查看其来回发送的内容与火狐浏览器相比?
可以将其配置为查看 https 交互。
玩得开心,克里斯
Have you tried getting Mechanize to go via a proxy, for example Charles, and look into what its sending back and forth compared to Firefox?
It can be configured to look into https interactions.
Have fun, Chris