使用Java用uu RequestVerificationToken填写HTML表单
我正在构建一个应用程序,它使用存储的登录/传递信息登录到网站并获取其内容。然而,相关网站的前端已经改变,现在我的脚本不再工作了
我发现该网站现在采用了更复杂的登录程序,使用某种CSRF保护。我已经从网站上提取了相关的验证请求,但无法提交表格。这是我试图使用JAVA工具填写的表单的HTML代码:
<form name="userInfoForm" ng-submit="$ctrl.signIn(userInfoForm)" novalidate="" class="ng-pristine ng-invalid ng-invalid-required">
<div class="form-group">
<div class="form-group">
<!-- ngIf: $ctrl.responseModel.errorMessage --> </div>
<div class="form-group">
<label class="sr-only">
Username
</label>
<input id="kitnum-input" tabindex="1" type="text" class="form-control ng-pristine ng-untouched ng-empty ng-invalid ng-invalid-required" placeholder="Username" ng-model="$ctrl.kitNum" ng-change="$ctrl.onType(userInfoForm)" autofocus="" required=""/>
</div>
<div class="form-group">
<label class="sr-only">
Password
</label>
<input id="password-input" tabindex="2" type="password" class="form-control ng-pristine ng-untouched ng-empty ng-invalid ng-invalid-required" placeholder="Password" ng-model="$ctrl.password" ng-change="$ctrl.onType(userInfoForm)" required=""/>
</div>
</div>
<div class="form-group text-center cta-space cta">
<button id="sign-in-btn" type="submit" value="Sign in" data-style="zoom-in" class="btn btn-main btn-uppercase ladda-button" loading-data-button="" loading="false" ng-disabled="$ctrl.submitDisabled" disabled="disabled">
<span class="ladda-label">
Sign In
</span>
<span class="ladda-spinner">
</span>
</button>
</div>
</form>
这是当前的JAVA代码: HtmlPage landing_page=null
webClient = new WebClient(BrowserVersion.CHROME);
webClient.getOptions().setJavaScriptEnabled(true);
webClient.getOptions().setRedirectEnabled(true);
webClient.getOptions().setThrowExceptionOnScriptError(false);
webClient.getOptions().setCssEnabled(false);
webClient.getOptions().setUseInsecureSSL(true);
webClient.getOptions().setThrowExceptionOnFailingStatusCode(false);
webClient.getCookieManager().setCookiesEnabled(true);
webClient.getCache().setMaxSize(0);
final HtmlPage loginpage = webClient.getPage(this.login_url);
List<HtmlForm> forms_from_login_page = loginpage.getForms();
HtmlForm form_from_login_page = forms_from_login_page.get(0);
String token = get__RequestVerificationToken(loginpage.asXml());
WebRequest web_req = loginpage.getWebResponse().getWebRequest();
web_req.setAdditionalHeader("__RequestVerificationToken", token);
HtmlTextInput userNameTextField = loginpage.getHtmlElementById("user-input");
HtmlPasswordInput passwordTextField = loginpage.getHtmlElementById("password-input");
userNameTextField.setValueAttribute(this.profile_id);
passwordTextField.setValueAttribute(this.password);
DomElement button = loginpage.getElementById("sign-in-btn");
button.setAttribute("type", "submit");
landing_page = button.click();
有没有办法解决这个问题
共 (0) 个答案