Tse*_*Tse 5 javascript php python request
你好,亲爱的 SO 社区。
我有一个问题折磨了我好几个月没有解决办法。
我试图在使用一些以冒号开头的标头的 HTTP/2 端点发出请求。例子:
:method: "POST"
我尝试过 python(hyper, requests), php(guzzle) 和 js(fetch)。据推测,我已经使用 js 实现了所需的结果,但是 CORS 策略返回了一个“不透明”的结果。
任何帮助都会很棒!
JS 结果大概是正确的“不透明”
fetch("https://www.example.com/users/sign_in",
{
"credentials":"include",
"headers":{
"accept":"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3",
"accept-language":"en-US,en;q=0.9,el;q=0.8",
"cache-control":"max-age=0",
"content-type":"application/x-www-form-urlencoded",
"accept-encoding": "gzip, deflate, br",
"content-length": 614,
"origin": "https://www.example.com",
"sec-fetch-mode": "navigate",
"sec-fetch-site": "same-origin",
"user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.87 Safari/537.36",
},
"referrer":"https://www.example.com/users/sign_in",
"referrerPolicy":"no-referrer-when-downgrade",
"redirect": "follow",
"body":"..."
"method":"POST",
"mode":"no-cors",
":authority": "www.example.com",
":method": "POST",
":path": "/users/sign_in",
":scheme": "https"
})
Python 结果 500 或 404
context = tls.init_context()
context.check_hostname = False
context.verify_mode = ssl.CERT_NONE
with HTTP20Connection('www.example.com', port=443, ssl_context=context) as c:
headers = {
":authority": "www.example.com",
":method": "GET",
":path": "/users/sign_in",
":scheme": "https",
"accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3",
"accept-encoding": "gzip, deflate, br",
"accept-language": "en-US,en;q=0.9,el;q=0.8",
"sec-fetch-mode": "navigate",
"sec-fetch-site": "none",
"sec-fetch-user": "?1",
"upgrade-insecure-requests": "1",
"user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36"
}
c.request('GET', 'www.example.com/users/sign_in', headers=headers)
PHP 结果 500 或 curl 错误 55
$jar = new CookieJar;
$client = new Client([
// Base URI is used with relative requests
'cookies' => $jar,
'version' => 2.0,
'debug' => fopen('php://stderr', 'w'),
]);
$client->request('GET', 'https://www.example.com/users/sign_in');
$response = $client->request('POST', 'https://www.example.com/users/sign_in', [
'headers' => [
":authority"=> "www.example.com",
":method"=> "POST",
":path"=> "/users/sign_in",
":scheme"=> "https",
"accept"=> "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3",
"accept-encoding"=> "gzip, deflate, br",
"accept-language"=> "en-US,en;q=0.9,el;q=0.8",
"cache-control"=> "max-age=0",
"content-length"=> "616",
"content-type"=> "application/x-www-form-urlencoded",
"origin"=> "https://www.example.com",
"referer"=> "https://www.example.com/users/sign_in",
"sec-fetch-mode"=> "navigate",
"sec-fetch-site"=> "same-origin",
"sec-fetch-user"=> "?1",
"upgrade-insecure-requests"=> "1",
"user-agent"=> "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36"
],
'form_params' => [ ... ],
'version' => 2.0,
'allow_redirects' => true
]);
Hie*_*roB 10
这些是 HTTP/2 伪标头,适用于 HTTP/2 流中的请求和响应。HTTP/2 创建从每个不同的源端点到服务器的单个持久连接。该连接向端点传输多个请求和来自端点的响应;这些被解析为“帧”并作为“流”传输。HTTP/2 可以同时交错来自多个请求和响应流的帧,以获得巨大的性能优势。 http/2 简介
伪标头适用于流;一组不同的标头适用于连接本身。为请求定义了四个伪标头::method、:scheme、:authority 和:path。不允许有其他人。这 4 个必须包含在每个请求标头块中,并且它们必须位于任何其他标头之前:
"所有伪标头字段必须出现在常规标头字段之前的标头块中。任何包含出现在常规标头字段之后的标头块中的伪标头字段的请求或响应必须被视为格式错误(第 8.1.2.6 节) . " http2 规范
我不熟悉“fetch”如何实现标头,但在上面的代码中,您似乎在标头块之外有伪标头,并且它们放置在末尾。可能会搞砸抓取。