无法使用带有x-www-form-urlencoded参数的JSOUP登录网站 [英] Cannot login to website by using JSOUP with x-www-form-urlencoded parameters

问题描述

如何使用 Jsoup 来实现以下请求?

How can I implement the following request by using Jsoup?

POST/登录/用户HTTP/1.1
主持人:url.publishedprices.co.il
缓存控制:无缓存 内容类型:application/x-www-form-urlencoded

POST /login/user HTTP/1.1
Host: url.publishedprices.co.il
Cache-Control: no-cache Content-Type: application/x-www-form-urlencoded

username = readonly& password = 123456& csrftoken = wohewqfDrcK2JMK5w7BKw4jCuMOiARnDg01Rw4VZdQ％3D％3D

username=readonly&password=123456&csrftoken=wohewqfDrcK2JMK5w7BKw4jCuMOiARnDg01Rw4VZdQ%3D%3D

我尝试了以下代码，但无法正常工作，我从某个网站获得错误

I've tried the following code but it doesn't work, I get an error from a site that

没有收到预期的安全令牌

Did not receive expected security token

我正在使用以下代码:

Document welcomePage = Jsoup.connect("https://url.publishedprices.co.il/login").get();
Element inputHidden = welcomePage.getElementById("csrftoken");


String securityTokenKey = inputHidden.attr("name");
String securityTokenValue = inputHidden.attr("value");

Connection.Response res2 = Jsoup.connect("https://url.publishedprices.co.il/login/user")
        .header("Content-Type","application/x-www-form-urlencoded;charset=UTF-8")
        .data("username", "readonly")
        .data("password", "123456")
        .data(securityTokenKey, securityTokenValue)
        .method(Method.POST)
        .execute();

System.out.println(res2.body());
Map<String, String> loginCookies = res2.cookies();

我知道，当我使用x-www-form-urlencoded时，我需要在URL内对其进行编码，但是我想当我设置正确的标头JSOUP时，对我来说，我错了吗?

I know that when I use x-www-form-urlencoded I need to encode it within URL but supposed that when I set correct header JSOUP do it for me, am I wrong?

谢谢.

推荐答案

您应该传递cookie(其中包含带有秘密令牌的会话)，以便服务器端的CSRF保护将能够比较令牌和授予权限您可以访问.

You should pass the cookie (which contains the session with the secret token), so that the CSRF protection on server side will be able to compare the tokens and grant you access.

Connection.Response res1 = Jsoup.connect("https://url.publishedprices.co.il/login").method(Method.GET).execute();
        Document welcomePage = res1.parse();
        Map welcomCookies = res1.cookies();
        Element inputHidden = welcomePage.getElementById("csrftoken");


        String securityTokenKey = inputHidden.attr("name");
        String securityTokenValue = inputHidden.attr("value");

        Connection.Response res2 = Jsoup.connect("https://url.publishedprices.co.il/login/user")
                .header("Content-Type","application/x-www-form-urlencoded;charset=UTF-8")
                .data("username", "readonly")
                .data("password", "123456")
                .data(securityTokenKey, securityTokenValue)
                .cookies(welcomCookies)
                .method(Method.POST)
                .execute();

        System.out.println(res2.body());

这篇关于无法使用带有x-www-form-urlencoded参数的JSOUP登录网站的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！