如何使用 WinHttpRequest COM 登录? [英] How to do logins using the WinHttpRequest COM?

问题描述

您可以看到很多人在网站上使用鼠标单击和浏览器窗口上的击键模拟或使用 IE COM 来实现自动化，但对于某些应用程序，您不希望您的应用程序占用数百兆 RAM 并使用 CPU 负载呈现网站等的权力.

You can see lots of people automating things on websites using mouseclick and keystroke simulation on browser windows or using the IE COM, but for some applications you don't want your application to take hundrets of megabytes of RAM and use loads of CPU power to render the website etc.

所以问题是:
如何在没有浏览器但使用 WinHttpRequest COM 的情况下使用 AutoHotkey 登录网站/网络服务?

So the question is:
How to do logins to websites / webservices using AutoHotkey without a browser but using the WinHttpRequest COM?

推荐答案

我已经在 AHK 论坛上发布了这个信息，但我认为这些信息也足够有用，可以在 Stackoverflow 上存档.:)

首先，如果你想做登录之类的事情，你可能应该学习一些 HTML 和 HTTP 协议的基础知识.提琴手 和 SetProxy(2,"localhost:8888") 将在调试和逆向工程方面为您提供很多帮助.我还建议您使用浏览器插件来快速清理您的 cookie.

First of all, if you want to do things like logins, you should probably learn some HTML and the basics about the HTTP protocol. Fiddler and SetProxy(2,"localhost:8888") will help you A LOT with the debugging and reverse engineering. I also recommend using an add on for your browser to quickly clean your cookies.

好的，现在让我们看一些例子.登录 autohotkey.com 论坛会是什么样子?
为了对 taht 站点的登录进行逆向工程，我只是分析了浏览器对 autohotkey.com 的 HTTP 请求(在浏览器中使用 Fiddler 或 F12)，通过反复试验，我能够将其最小化为基础.我们只需要两个请求，登录需要一个请求头，以及 3 个 POST 数据参数.

Okay, now let's take a look at some examples. What would a login to the autohotkey.com forum look like?
To reverse engineer the login of taht site I simply analyzed the browsers HTTP requests to autohotkey.com (use Fiddler or F12 in your browser for that) and by some trial and error I was able to minimize it to the basics. We need exactly two requests and the login needs one request header, as well as 3 POST data parameters.

这是我们基本上要做的事情:

Here is what we are basically gonna do:

1. 在 http: 上执行一个简单的 GET 请求://www.autohotkey.com/board/index.php?app=core&module=global&section=login
2. 从响应正文 (ResponseText) 中提取登录表单中的 auth_key 参数
3. 创建包含 auth_key 参数以及登录的用户名、密码和 rememberMe 参数的 POST 数据字符串
4. 为下一个请求设置 Content-Type 标头
5. 将 POST 数据字符串发送到 http://www.autohotkey.com/board/index.php?app=core&module=global&section=login&do=process
6. 分析响应正文，检查 HTML 文档标题是否以登录"字样开头.如果是这样，那么您显然没有登录(登录失败/登录数据错误).如果标题不同，则登录成功.

示例 1 代码

;Prepare our WinHttpRequest object
HttpObj := ComObjCreate("WinHttp.WinHttpRequest.5.1")
;HttpObj.SetProxy(2,"localhost:8888") ;Send data through Fiddler
HttpObj.SetTimeouts(6000,6000,6000,6000) ;Set timeouts to 6 seconds
;HttpObj.Option(6) := False ;disable location-header rediects

;Set our URLs
loginSiteURL := "http://www.autohotkey.com/board/index.php?app=core&module=global&section=login"
loginURL := "http://www.autohotkey.com/board/index.php?app=core&module=global&section=login&do=process"

;Set our login data
username := "Brutosozialprodukt"
password := "xxxxxxxxxxxxxx"
rememberMe := "1"

;Step 1
HttpObj.Open("GET",loginSiteURL)
HttpObj.Send()

;Step 2
RegExMatch(HttpObj.ResponseText,"<inputstype='hidden'sname='auth_key'svalue='(w+)'s/>",match)
auth_key := match1

;Step 3
loginBody := "auth_key=" auth_key "&ips_username=" username "&ips_password=" password "&rememberMe=" rememberMe

;Step 4/5
HttpObj.Open("POST",loginURL)
HttpObj.SetRequestHeader("Content-Type","application/x-www-form-urlencoded")
HttpObj.Send(loginBody)

;Step 6
If (InStr(HttpObj.ResponseText,"<title>Sign In"))
    MsgBox, The login failed!
Else
    MsgBox, Login was successfull!

如果正确更改 URL，这可能适用于大多数 IPB 论坛.

This will probably work for most IPB forums if change the URLs properly.

让我们再次登录新的/其他 AHK 论坛(这会容易得多).

Let's do another login to the new/other AHK forum (this will be much easier).

1. 创建包含用户名、密码和自动登录参数的 POST 数据
2. 设置 Content-Type 标头
3. 将 POST 数据发送到 http://ahkscript.org/boards/ucp.php?mode=login
4. 分析响应正文，检查 HTML 文档标题是否以单词Login"开头.如果是这样，那么您显然还没有登录(登录失败/错误的登录数据).如果标题不同，则登录成功.

示例 2 代码

;Prepare our WinHttpRequest object
HttpObj := ComObjCreate("WinHttp.WinHttpRequest.5.1")
;HttpObj.SetProxy(2,"localhost:8888") ;Send data through Fiddler
HttpObj.SetTimeouts(6000,6000,6000,6000) ;Set timeouts to 6 seconds
;HttpObj.Option(6) := False ;disable location-header rediects

;Set our URLs
loginURL := "http://ahkscript.org/boards/ucp.php?mode=login"

;Set our login data
username := "Brutosozialprodukt"
password := "xxxxxxxxxxxxxx"
autologin := "on"

;Step 1
loginBody := "username=" username "&password=" password "&autologin=" autologin "&login=Login"

;Step 2/3
HttpObj.Open("POST",loginURL)
HttpObj.SetRequestHeader("Content-Type","application/x-www-form-urlencoded")
HttpObj.Send(loginBody)

;Step 4
If (InStr(HttpObj.ResponseText,"<title>Login"))
    MsgBox, The login failed!
Else
    MsgBox, Login was successfull!

如果正确更改 URL，这可能适用于大多数 phpbb 论坛.

This will probably work for most phpbb forums if change the URLs properly.

这篇关于如何使用 WinHttpRequest COM 登录?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！