使用HttpClient的Async NancyFX - fbcdn的GetAsync返回403 forbidden?
ric*_*ard 7 .net c# async-await nancy dotnet-httpclient
注意:我已经改变了这个问题,试图让它更多地指出问题所在.以下评论不再反映这个问题.
我想从fbcdn获取这个图像:
浏览器得到它就好了.这是我的代码:
public class ReverseProxyController : NancyModule
{
public ReverseProxyController()
{
Get["/", true] = async (parameters, ct) =>
{
var result = await GetResult(parameters, ct);
return result;
};
}
private async Task<Response> GetResult(dynamic parameters, CancellationToken ct)
{
var client = new HttpClient();
string url = Request.Query["url"].Value.ToString();
if (url == null) return null;
client.DefaultRequestHeaders.Add("Access-Control-Allow-Origin", "*");
client.DefaultRequestHeaders.Add("User-Agent",
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36");
client.DefaultRequestHeaders.Add("Upgrade-Insecure-Requests", "1");
client.DefaultRequestHeaders.Add("Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8");
client.DefaultRequestHeaders.Add("Accept-Encoding", "gzip, deflate, sdch, br");
client.DefaultRequestHeaders.Add("Accept-Language", "en-US,en;q=0.8,ru;q=0.6");
var response = await client.GetAsync(url, ct);
ct.ThrowIfCancellationRequested();
switch (response.StatusCode)
{
case HttpStatusCode.OK:
var stream = await response.Content.ReadAsStreamAsync();
return Response.FromStream(stream, response.Content.Headers.ContentType != null
? response.Content.Headers.ContentType.ToString()
: "application/octet-stream");
default:
return Response.AsText("\nError " + response.StatusCode);
}
}
}
我每次都收到403 Forbidden响应.我认为添加标题会使它工作但不会去.
此代码适用于其他主机上的其他图像,如下所示:
https://s-media-cache-ak0.pinimg.com/564x/ff/f0/c9/fff0c988a4516659d4009f60e0694cb6.jpg
问题出在 Nancy 请求的 URL 检索中,而不是使用HttpClient.
我假设您正在向 nancy 发送请求,例如:
因此对于 Facebook 来说,它将是:
但这个 urlstring url = Request.Query["url"].Value.ToString();不完整并且缺少最后一部分 (&oe=589AAD2F),因此服务器响应为 Forbidden。
这是演示问题的简单更改:
private async Task<Response> GetResult(dynamic parameters, CancellationToken ct)
{
var client = new HttpClient();
var req = Request.Url.ToString();
var queryStart = req.IndexOf("url=");
if (queryStart == -1)
return Nancy.HttpStatusCode.BadRequest;
var url = req.Substring(queryStart + 4);
if (string.IsNullOrEmpty(url))
return Nancy.HttpStatusCode.BadRequest;
client.DefaultRequestHeaders.Add("Access-Control-Allow-Origin", "*");
client.DefaultRequestHeaders.Add("User-Agent",
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36");
client.DefaultRequestHeaders.Add("Upgrade-Insecure-Requests", "1");
client.DefaultRequestHeaders.Add("Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8");
client.DefaultRequestHeaders.Add("Accept-Encoding", "gzip, deflate, sdch, br");
client.DefaultRequestHeaders.Add("Accept-Language", "en-US,en;q=0.8,ru;q=0.6");
var response = await client.GetAsync(url, ct);
ct.ThrowIfCancellationRequested();
switch (response.StatusCode)
{
case System.Net.HttpStatusCode.OK:
var stream = await response.Content.ReadAsStreamAsync();
return Response.FromStream(stream, response.Content.Headers.ContentType != null
? response.Content.Headers.ContentType.ToString()
: "application/octet-stream");
default:
return Response.AsText("\nError " + response.StatusCode);
}
}
解决方案
实际上,我们可以在发送 URL 之前对其进行编码,Nancy 会自动为我们解码 URL,因此无需在服务器端进行任何更改。
HttpUtility.UrlEncode这是使用Applied on生成的链接示例
结果:
https%3a%2f%2fscontent.xx.fbcdn.net%2fv%2ft1.0-1%2fc15.0.50.50%2fp50x50%2f10354686_10150004552801856_220367501106153455_n.jpg%3foh%3d6c801f82cd5 a32fd6e5a4258ce00a314%26oe%3d589AAD2F
对此特定链接的实际请求将是:
替代解决方案
在这种情况下,我个人更喜欢 POST 而不是 GET,所以这里是:
public class ReverseProxyController : NancyModule
{
class ProxyRequest
{
public string Url { get; set; }
}
public ReverseProxyController()
{
Post["/", true] = async (parameters, ct) =>
{
var result = await GetResult(parameters, ct);
return result;
};
}
private async Task<Response> GetResult(dynamic parameters, CancellationToken ct)
{
var pReq = this.Bind<ProxyRequest>();
var url = pReq.Url;
if (string.IsNullOrEmpty(url))
return null;
var client = new HttpClient();
client.DefaultRequestHeaders.Add("Access-Control-Allow-Origin", "*");
client.DefaultRequestHeaders.Add("User-Agent",
"Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.71 Safari/537.36");
client.DefaultRequestHeaders.Add("Upgrade-Insecure-Requests", "1");
client.DefaultRequestHeaders.Add("Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8");
client.DefaultRequestHeaders.Add("Accept-Encoding", "gzip, deflate, sdch, br");
client.DefaultRequestHeaders.Add("Accept-Language", "en-US,en;q=0.8,ru;q=0.6");
var response = await client.GetAsync(url, ct);
ct.ThrowIfCancellationRequested();
switch (response.StatusCode)
{
case System.Net.HttpStatusCode.OK:
var stream = await response.Content.ReadAsStreamAsync();
return Response.FromStream(stream, response.Content.Headers.ContentType != null
? response.Content.Headers.ContentType.ToString()
: "application/octet-stream");
default:
return Response.AsText("\nError " + response.StatusCode);
}
}
}