使用 C# HttpWebRequest 将帖子发送到 java servlet
我有将文件上传到java servlet 的任务。我安装了 Fiddler 来查看 Web 请求发送到哪里以及发送了哪些 post 数据。使用 HttpWebRequest GET 方法登录 java servlet 后,我在 cookies 中收到 SessionId。因此,我在标头中使用此 SessionId 来创建对 servlet 所在的 Web 服务器的 POST 请求。但作为回应,我收到消息“会话超时。尝试重新登录。”但是,如果我通过用户界面使用应用程序,则所有应用程序都有一个 SessionId,该 SessionId 随每个请求一起在标头中发送。 这个应用程序在银行运行,所以我在想他们是否有一些防止抓取的安全措施。 我的思考方式正确吗?任何帮助将不胜感激。 谢谢,埃琳娜
这是我的代码
CookieContainer cookieContainer = new CookieContainer();
HttpWebRequest req = (HttpWebRequest)WebRequest.Create("http://go.tkygw.pcnet.smbc.local/MgbTokyoGateway/Mgblinkmenu.aspx");
req.Credentials = new NetworkCredential("GB54326", "elena83", "TKYGW");
req.CookieContainer = cookieContainer;
req.Headers.Add("Pragma", "no-cache");
req.Headers.Add("Accept-Language", "en-gb");
req.ProtocolVersion = HttpVersion.Version10;
req.AllowAutoRedirect = true;
WebResponse resp = req.GetResponse();
//here in cookies I receive ASP.NET_session_Id and tkygw_intra
HttpWebResponse webr = (HttpWebResponse)resp;
StreamReader r = new StreamReader(resp.GetResponseStream(), System.Text.Encoding.UTF8);
string res = r.ReadToEnd();
resp.Close();
NameValueCollection nvc = new NameValueCollection();
nvc.Add("_PAGEID", "MWMAL1000P00");
nvc.Add("_SENDTS", "1296208904759");
nvc.Add("_TRANID", "AL1000T00P01");
nvc.Add("_SUBINDEX", "-1");
nvc.Add("_TARGET", "");
nvc.Add("_FRAMID", "");
nvc.Add("_LUID", "1296208904720");
nvc.Add("_WINID", "root");
nvc.Add("_TARGETWINID", "TIMEOUTW_300000_13");
nvc.Add("CHK_FLG", "0");
nvc.Add("BUTTON_NAME", "Corporate Card");
nvc.Add("TITLE_NAME", "[AL1000]Main Menu");
nvc.Add("DateFormat", "1");
nvc.Add("BIZKEY", "AC");
nvc.Add("H_REG_NUM", "");
nvc.Add("H_TODO_DISP_MODE", "");
nvc.Add("H_VIEW_CHANGE_FLG", "1");
nvc.Add("H_SMVA_FLG", "0");
nvc.Add("H_SWITCH_ID", "8837");
nvc.Add("T_BOOKING", "8802");
nvc.Add("T_CUSTOMER_ID", "109732");
nvc.Add("P_DATE_FM", "1");
nvc.Add("D_BA_CREDIT_MONITORING_DISABLED", "");
nvc.Add("D_BA_CREDIT_APPLICATION_DISABLED", "");
nvc.Add("D_BA_CREDIT_APPLICATION_DISABLED", "");
nvc.Add("P_BLANKET_APPLI", "");
HttpWebRequest req3 = (HttpWebRequest)WebRequest.Create("http://gcm.tkygw.pcnet.smbc.local/gcmv0/WACSServlet");
//here in cookiesContainer are 4 values: ASP.NET_session_Id , tkygw_intra
req3.CookieContainer = cookieContainer;
req3.Method = "POST";
req3.Accept = "*/*";
// req3.Headers.Add("Pragma", "no-cache");
// req3.Headers.Add("Accept-Language", "en-gb");
req3.AllowAutoRedirect = true;
req3.KeepAlive = true;
req3.UserAgent = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)";
req3.ContentType = "application/x-www-form-urlencoded";
req3.ProtocolVersion = HttpVersion.Version10;
var sbPostData = new StringBuilder();
if (nvc != null)
{
foreach (string key in nvc.AllKeys)
{
string[] values = nvc.GetValues(key);
if (values != null)
{
foreach (string value in values)
{
if (!string.IsNullOrEmpty(value))
sbPostData.Append(string.Format("{0}={1}&", HttpUtility.UrlEncode(key), HttpUtility.UrlEncode(value)));
}
}
}
}
var parameterString = Encoding.UTF8.GetBytes(sbPostData.ToString());
req3.Referer = "http://gcm.tkygw.pcnet.smbc.local/gcmv0/WACSServlet?_TRANID=AL0010P01C01";
req3.ContentLength = sbPostData.ToString().Length;
using (Stream requestStream = req3.GetRequestStream())
{
requestStream.Write(parameterString, 0, parameterString.Length);
requestStream.Close();
//nothig is received in cookies. Status of response 200 (OK), but on the web page is error that Session is Time OUT. Please Login again
using (var response = req3.GetResponse() as HttpWebResponse)
{
using (var stIn = new System.IO.StreamReader(response.GetResponseStream()))
{
//here I receive session Time Out. Please login again
string s = stIn.ReadToEnd();
}
}
}
I have task of uploading file to java servlet. I installed Fiddler to see where web requests are sent and what post data is sent. After logging into java servlet using HttpWebRequest GET method I receive in cookies SessionId. So I was using this SessionId in headers to create POST request to the web server where servlet is. But in response I receive message that "session is time out. Try to login again." But if I use application through user interface I have the one SessionId for all application which is sent in headers with each request.
This application is running in bank so I was thinking if they have some security against scraping.
Am I thinking in a right way? Any help will be appreciated.
Thanks, Elena
Here is my code
CookieContainer cookieContainer = new CookieContainer();
HttpWebRequest req = (HttpWebRequest)WebRequest.Create("http://go.tkygw.pcnet.smbc.local/MgbTokyoGateway/Mgblinkmenu.aspx");
req.Credentials = new NetworkCredential("GB54326", "elena83", "TKYGW");
req.CookieContainer = cookieContainer;
req.Headers.Add("Pragma", "no-cache");
req.Headers.Add("Accept-Language", "en-gb");
req.ProtocolVersion = HttpVersion.Version10;
req.AllowAutoRedirect = true;
WebResponse resp = req.GetResponse();
//here in cookies I receive ASP.NET_session_Id and tkygw_intra
HttpWebResponse webr = (HttpWebResponse)resp;
StreamReader r = new StreamReader(resp.GetResponseStream(), System.Text.Encoding.UTF8);
string res = r.ReadToEnd();
resp.Close();
NameValueCollection nvc = new NameValueCollection();
nvc.Add("_PAGEID", "MWMAL1000P00");
nvc.Add("_SENDTS", "1296208904759");
nvc.Add("_TRANID", "AL1000T00P01");
nvc.Add("_SUBINDEX", "-1");
nvc.Add("_TARGET", "");
nvc.Add("_FRAMID", "");
nvc.Add("_LUID", "1296208904720");
nvc.Add("_WINID", "root");
nvc.Add("_TARGETWINID", "TIMEOUTW_300000_13");
nvc.Add("CHK_FLG", "0");
nvc.Add("BUTTON_NAME", "Corporate Card");
nvc.Add("TITLE_NAME", "[AL1000]Main Menu");
nvc.Add("DateFormat", "1");
nvc.Add("BIZKEY", "AC");
nvc.Add("H_REG_NUM", "");
nvc.Add("H_TODO_DISP_MODE", "");
nvc.Add("H_VIEW_CHANGE_FLG", "1");
nvc.Add("H_SMVA_FLG", "0");
nvc.Add("H_SWITCH_ID", "8837");
nvc.Add("T_BOOKING", "8802");
nvc.Add("T_CUSTOMER_ID", "109732");
nvc.Add("P_DATE_FM", "1");
nvc.Add("D_BA_CREDIT_MONITORING_DISABLED", "");
nvc.Add("D_BA_CREDIT_APPLICATION_DISABLED", "");
nvc.Add("D_BA_CREDIT_APPLICATION_DISABLED", "");
nvc.Add("P_BLANKET_APPLI", "");
HttpWebRequest req3 = (HttpWebRequest)WebRequest.Create("http://gcm.tkygw.pcnet.smbc.local/gcmv0/WACSServlet");
//here in cookiesContainer are 4 values: ASP.NET_session_Id , tkygw_intra
req3.CookieContainer = cookieContainer;
req3.Method = "POST";
req3.Accept = "*/*";
// req3.Headers.Add("Pragma", "no-cache");
// req3.Headers.Add("Accept-Language", "en-gb");
req3.AllowAutoRedirect = true;
req3.KeepAlive = true;
req3.UserAgent = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)";
req3.ContentType = "application/x-www-form-urlencoded";
req3.ProtocolVersion = HttpVersion.Version10;
var sbPostData = new StringBuilder();
if (nvc != null)
{
foreach (string key in nvc.AllKeys)
{
string[] values = nvc.GetValues(key);
if (values != null)
{
foreach (string value in values)
{
if (!string.IsNullOrEmpty(value))
sbPostData.Append(string.Format("{0}={1}&", HttpUtility.UrlEncode(key), HttpUtility.UrlEncode(value)));
}
}
}
}
var parameterString = Encoding.UTF8.GetBytes(sbPostData.ToString());
req3.Referer = "http://gcm.tkygw.pcnet.smbc.local/gcmv0/WACSServlet?_TRANID=AL0010P01C01";
req3.ContentLength = sbPostData.ToString().Length;
using (Stream requestStream = req3.GetRequestStream())
{
requestStream.Write(parameterString, 0, parameterString.Length);
requestStream.Close();
//nothig is received in cookies. Status of response 200 (OK), but on the web page is error that Session is Time OUT. Please Login again
using (var response = req3.GetResponse() as HttpWebResponse)
{
using (var stIn = new System.IO.StreamReader(response.GetResponseStream()))
{
//here I receive session Time Out. Please login again
string s = stIn.ReadToEnd();
}
}
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
如果您使用 HttpWebRequest 上传文件,则必须正确指定内容标头。
内容必须指定为Content-Type: multipart/form-data
示例片段
查看此和此帖子了解更多详细信息解释
If you are uploading file using HttpWebRequest, you must specify content headers correct.
Content must be specified as Content-Type: multipart/form-data
sample snippet
Check out this and this posts for more detail explanation