我正在尝试抓取一个具有分页的基本 asp.net 目录网站。
该网站有 50 多个页面,每个页面上最多包含 10 个分页链接。
我正在使用小提琴手来帮助复制使用浏览器发布的所有参数、变量、表单字段、cookie 等。我看到两个帖子之间的唯一区别是__EVENTVALIDATION值。
使用HttpWebRequest,我总是具有相同的值,同时通过浏览器每次点击都会更改。
使用HttpWebRequest,我正确地获得了前10页,但是所有后续页面都将我重定向到主页。Bellow 是回发 javascript,对于前 10 个链接之后的链接总是相同的。
javascript:__doPostBack('CT_Main_2$gvDirectorySearch$ctl53$ctl00$ctl11','')
任何想法为什么__EVENTVALIDATION不会随着 HttpWebRequest 而改变?
从你的描述来看,这听起来像是一个anti-forgery token,一个anti-forgery token用于防止cross-site request forgery (XSRF)攻击。
对于利用防伪令牌的网站,它通常会在客户端的浏览器中设置一个cookie,并且它期望将相同的令牌作为正在发布的表单中的参数。
为了克服它,您需要发送服务器在后续请求中设置的令牌,您还需要扫描 HTML 表单以查找相同的令牌并包含该令牌。
<小时 />编辑
所以我深入研究并创建了一个 ASP.NET WebForms 站点,并试图复制您的问题,但无法......在每个请求中,我都设法提取了__EVENTVALIDATION字段。
不过,如果你发现其中任何一个有用,这是我的代码......
void Main()
{
string eventValidationToken = string.Empty;
var firstResponse = this.Get(@"http://localhost:7428/Account/Login");
firstResponse.FormValues["ctl00$MainContent$Email"] = "email@example.com";
firstResponse.FormValues["ctl00$MainContent$Password"] = "password";
string secondRequestPostdata = firstResponse.ToString();
var secondResponse = this.Post(@"http://localhost:7428/Account/Login", secondRequestPostdata);
Console.WriteLine (firstResponse.FormValues["__EVENTVALIDATION"]);
Console.WriteLine (secondResponse.FormValues["__EVENTVALIDATION"]);
}
public FormData Get(string uri)
{
HttpWebRequest request = (HttpWebRequest)WebRequest.Create("http://localhost:7428/Account/Login");
using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
using (Stream stream = response.GetResponseStream())
using (StreamReader reader = new StreamReader(stream))
{
return new FormData(reader.ReadToEnd());
}
}
public FormData Post(string uri, string postContent)
{
byte[] formBytes = Encoding.UTF8.GetBytes(postContent);
var request = (HttpWebRequest)WebRequest.Create("http://localhost:7428/Account/Login");
request.Method = "POST";
request.ContentType = "application/x-www-form-urlencoded";
request.ContentLength = formBytes.Length;
using (Stream stream = request.GetRequestStream())
{
stream.Write(formBytes, 0, formBytes.Length);
}
using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
using (Stream stream = response.GetResponseStream())
using (StreamReader reader = new StreamReader(stream))
{
return new FormData(reader.ReadToEnd());
}
}
public class FormData
{
public FormData(string html)
{
this.Html = html;
this.FormValues = new Dictionary<string, string>();
this.FormValues["__EVENTTARGET"] = this.Extract(@"__EVENTTARGET");
this.FormValues["__EVENTARGUMENT"] = this.Extract(@"__EVENTARGUMENT");
this.FormValues["__VIEWSTATE"] = this.Extract(@"__VIEWSTATE");
this.FormValues["__VIEWSTATEGENERATOR"] = this.Extract(@"__VIEWSTATEGENERATOR");
this.FormValues["__EVENTVALIDATION"] = this.Extract(@"__EVENTVALIDATION");
this.FormValues["ctl00$MainContent$Email"] = string.Empty;
this.FormValues["ctl00$MainContent$Password"] = string.Empty;
this.FormValues["ctl00$MainContent$ctl05"] = "Log in";
}
public string Html { get; set; }
private string Extract(string id)
{
return Regex.Match(this.Html, @"id=""" + id + @""" value=""([^""]*)")
.Groups[1]
.Value;
}
public Dictionary<string, string> FormValues { get;set; }
public override string ToString()
{
var formData = this.FormValues.Select(form => HttpUtility.UrlEncode(form.Key) + "=" + HttpUtility.UrlEncode(form.Value));
return string.Join("&", formData);
}
}