如何使用 Java 在 Http Get 方法中设置 Cookie [英] How to set Cookies at Http Get method using Java
问题描述
我想使用 cookie 进行手动 GET,以便下载和解析网页.我需要提取安全令牌,以便在论坛上发帖.我已经完成了登录,阅读了响应并提取了 cookie(3 对 (name,value) ).然后我写了包含 cookie 的字符串,如下所示:
I want to do a manual GET with cookies in order to download and parse a web page. I need to extract the security token, in order to make a post at the forum. I have completed the login, have read the response and extracted the cookies (3 pairs of (name,value) ). I then wrote the String containing the cookies like this:
CookieString="name1=value1; name2=value2; name3=value3"
然后我执行以下操作
HttpURLConnection connection
connection = (HttpURLConnection)(new URL(Link).openConnection());
connection.setRequestMethod("GET");
connection.setRequestProperty("Connection", "Keep-Alive");
connection.setRequestProperty("Cookie", CookieString );
connection.connect();
然后我阅读了页面,但它显示我没有登录论坛.我做错了什么?
I then read the page but it shows that I am not logged at the forum. What am I doing wrong?
我知道如果我想发帖,我必须提取安全令牌.我的思路是,为了提取它,我需要获取这个特定的页面.但是为了将安全令牌作为隐藏字段,我必须在线,因此我需要 cookie.但是当我获取页面并如上所述设置 cookie 时,我以访客身份获取页面,这表明我不在线并且安全令牌的值是访客,这对我没有用.我会检查你给我的链接,希望能找到解决方案.
edit: I know that I must extract the security token if I want to make a post. My train of thought was that in order to extract it, I need to GET this particular page. But for the security token to be as a hidden field I must be online, thus I needed the cookies. But when I GET the page and I set the cookies as mentioned above i get the page as a guest, it shows that I am not online and the value of security token is guest which is not useful for me. I will check the link you gave me and hopefully will find a solution.
推荐答案
可以肯定的是,您应该从响应的 Set-Cookie 标头中收集 cookie.要在后续请求中将它们发回,您应该使用 URLConnection#addRequestProperty().
To be sure, you should be gathering the cookies from the response's Set-Cookie headers. To send them back in the subsequent requests, you should set them one by one using URLConnection#addRequestProperty().
基本上:
// ...
// Grab Set-Cookie headers:
List<String> cookies = connection.getHeaderFields().get("Set-Cookie");
// ...
// Send them back in subsequent requests:
for (String cookie : cookies) {
connection.addRequestProperty("Cookie", cookie.split(";", 2)[0]);
}
// ...
split(";", 2) 是为了摆脱与服务器端无关的 cookie 属性,例如 expires、path 等
The split(";", 2) is there to get rid of cookie attributes which are irrelevant for the server side like expires, path, etc.
对于更方便的 HTTP 客户端,我建议查看 Apache HttpComponents Client.它可以更透明地处理所有 cookie 内容.
For a more convenienced HTTP client I'd suggest to have a look at Apache HttpComponents Client. It can handle all the cookie stuff more transparently.
更新:根据评论,这不是 cookie 问题.错误的请求令牌意味着服务器内置了 CSRF/bot 防护(以防止像你这样的人).您需要使用表单从请求的页面中提取令牌作为隐藏的输入字段,并将其作为请求参数重新发送.Jsoup 可能有助于提取所有(隐藏的)输入字段.不要忘记传递您想要按下"的按钮的名称-值对.以编程方式.另请参阅上述链接以获取更多提示.
Update: as per the comments, this is not a cookie problem. A wrong request token means that the server has CSRF/bot prevention builtin (to prevent people like you). You need to extract the token as a hidden input field from the requested page with the form and resend it as a request parameter. Jsoup may be useful to extract all (hidden) input fields. Don't forget to pass the name-value pair of the button as well which you'd like to "press" programmatically. Also see the abovementioned link for more hints.
在未来,您真的应该更加清楚您检索到的确切错误,而不是胡乱猜测.复制粘贴确切的错误消息等.
In the future, you should really be more clear about the exact error you retrieve and not guess something in the wild. Copypaste the exact error message and so on.
这篇关于如何使用 Java 在 Http Get 方法中设置 Cookie的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
