Linux curl 表單登陸或提交與cookie使用

時間 2020-08-22

標籤 linux curl 表單登陸提交 cookie 使用欄目 Linux 简体版

原文原文鏈接

本文主要講解經過curl 實現表單提交登陸。單獨的表單提交與表單登陸都差很少，所以就不單獨說了。html

說明：針對curl表單提交實現登陸，不是全部網站都適用，緣由是有些網站後臺作了限制或有其餘校驗。咱們不知道這些網站後臺的限制或校驗機制具體是什麼，所以直接curl表單登陸多是不行的。json

固然，以下案例是能夠用curl登陸的。瀏覽器

案例：LeanCloud登陸

要求和結果

要求：經過curl登陸後，能正常訪問leancloud的應用頁面。安全

登陸頁面連接以下：cookie

1 https://leancloud.cn/dashboard/login.html#/signin

能正常訪問以下頁面：app

1 https://leancloud.cn/dashboard/applist.html#/apps

瀏覽器訪問效果：dom

無登陸直接訪問結果

瀏覽器訪問結果

上圖紅框 403 中的訪問鏈接以下：curl

1 https://leancloud.cn/1.1/clients/self/apps

經過curl 驗證是否登陸

 1 [root@iZ28xbsfvc4Z ~]# curl -i https://leancloud.cn/1.1/clients/self/apps
 2 HTTP/1.1 403 Forbidden
 3 Server: openresty
 4 Date: Sun, 14 Jul 2019 11:35:28 GMT
 5 Content-Type: application/json;charset=utf-8
 6 Transfer-Encoding: chunked
 7 Connection: keep-alive
 8 Vary: Accept-Encoding
 9 Cache-Control: no-cache,no-store
10 Pragma: no-cache
11 
12 {"code":1,"error":"User doesn't sign in."}

獲取表單字段信息

獲取表單提交連接

經過下圖可獲得表單提交的連接信息。具體以下：網站

1 https://leancloud.cn/1.1/signin

curl 表單登陸並保存cookie信息

1 curl -v -c leancloud1.info -X POST -F 'email=yourname' -F 'password=yourpassword' https://leancloud.cn/1.1/signin
2 # 或則
3 curl -v -c leancloud3.info -X POST -d 'email=yourname&password=yourpassword' https://leancloud.cn/1.1/signin

查看cookie信息

 1 [root@iZ28xbsfvc4Z 20190714_02]# ll
 2 total 32
 3 -rw-r--r-- 1 root root  337 Jul 14 19:45 leancloud1.info
 4 -rw-r--r-- 1 root root  335 Jul 14 19:46 leancloud3.info
 5 [root@iZ28xbsfvc4Z 20190714_02]# cat leancloud1.info 
 6 # Netscape HTTP Cookie File
 7 # http://curl.haxx.se/docs/http-cookies.html
 8 # This file was generated by libcurl! Edit at your own risk.
 9 
10 #HttpOnly_leancloud.cn    FALSE    /    TRUE    1563709522    uluru_user    Ff1IPOiMX%2F6ipevuxy0OOg%3D%3D
11 leancloud.cn    FALSE    /    TRUE    1563709522    XSRF-TOKEN    5647dc84bd6eaea37eca2d07ae0e401cca4ba76803989c8559XXXXX7283da
12 [root@iZ28xbsfvc4Z 20190714_02]# cat leancloud3.info 
13 # Netscape HTTP Cookie File
14 # http://curl.haxx.se/docs/http-cookies.html
15 # This file was generated by libcurl! Edit at your own risk.
16 
17 #HttpOnly_leancloud.cn    FALSE    /    TRUE    1563709591    uluru_user    arTwQm6JylzLjBaQt7TpiQ%3D%3D
18 leancloud.cn    FALSE    /    TRUE    1563709591    XSRF-TOKEN    751e12827c7c046408541bc1bf962b5912ac35b0d07f88120XXXXXX40704704

每列字段說明：
domain：建立並能夠讀取變量的域名。
flag：一個 TRUE/FALSE 值，代表給定域中的全部機器是否均可以訪問該變量。此值由瀏覽器自動設置，具體取決於你爲域設置的值。
path：變量在域中有效的路徑。
secure：一個 TRUE/FALSE 值，代表是否須要與域的安全鏈接來訪問變量。
expiration：該變量將過時的UNIX時間。UNIX時間定義爲自1970年1月1日00:00:00 GMT開始的秒數。
name：變量名稱
value：變量值url

校驗是否登陸成功

直接訪問和帶有cookie訪問，這兩種訪問方式，請對比查看。

直接訪問

 1 [root@iZ28xbsfvc4Z 20190714_02]# curl -i https://leancloud.cn/1.1/clients/self/apps
 2 HTTP/1.1 403 Forbidden
 3 Server: openresty
 4 Date: Sun, 14 Jul 2019 11:52:47 GMT
 5 Content-Type: application/json;charset=utf-8
 6 Transfer-Encoding: chunked
 7 Connection: keep-alive
 8 Vary: Accept-Encoding
 9 Cache-Control: no-cache,no-store
10 Pragma: no-cache
11 
12 {"code":1,"error":"User doesn't sign in."}

帶有cookie文件的訪問

 1 # 使用cookie
 2 [root@iZ28xbsfvc4Z 20190714_02]# curl -i -b leancloud1.info https://leancloud.cn/1.1/clients/self/apps 
 3 ## 或者
 4 [root@iZ28xbsfvc4Z 20190714_02]# curl -i -b leancloud3.info https://leancloud.cn/1.1/clients/self/apps
 5 HTTP/1.1 200 OK
 6 Server: openresty
 7 Date: Sun, 14 Jul 2019 11:53:29 GMT
 8 Content-Type: application/json;charset=utf-8
 9 Transfer-Encoding: chunked
10 Connection: keep-alive
11 Vary: Accept-Encoding
12 Cache-Control: no-cache,no-store
13 Pragma: no-cache
14 Strict-Transport-Security: max-age=31536000
15 
16 [{"app_domain":null,"description":null,"archive_status":0,"biz_type":"dev","master_key": ………………

複製瀏覽器的cookie訪問

 1 [root@iZ28xbsfvc4Z 20190720]# curl -i -H 'cookie: _ga=GA1.2.2055706705.1560005524; …………' https://leancloud.cn/1.1/clients/self/apps
 2 HTTP/1.1 200 OK
 3 Server: openresty
 4 Date: Sat, 20 Jul 2019 08:11:37 GMT
 5 Content-Type: application/json;charset=utf-8
 6 Transfer-Encoding: chunked
 7 Connection: keep-alive
 8 Vary: Accept-Encoding
 9 Cache-Control: no-cache,no-store
10 Pragma: no-cache
11 Strict-Transport-Security: max-age=31536000
12 
13 [{"app_domain":null,"description":null,"archive_status":0,"biz_type":"dev","master_key": ………………

由上可知curl登陸成功。