伪造方法,参考代码:
public class HelloA {
private String large = new String(new char[100000]);
public String getSubString() {
return this.large.substring(0,2);
}
@Test
public void test(){
InputStream in = responseInputStream();
try {
if(in != null){
FileOutputStream out = new FileOutputStream("C:\\Users\\User\\Desktop\\test.zip");
writeInTxt(in,out);
}
} catch (FileNotFoundException e) {
e.printStackTrace();
}
}
public void writeInTxt(InputStream in, FileOutputStream out) {
//char[] bytes = new char[1024];
byte[] bytes = new byte[1024];
int len = 0;
try {
//InputStreamReader isr = new InputStreamReader(in,"UTF-8");
//OutputStreamWriter osw = new OutputStreamWriter(out,"UTF-8");
while((len = in.read(bytes)) !=-1){
out.write(bytes, 0, len);
}
} catch (IOException e) {
e.printStackTrace();
}
}
public InputStream responseInputStream(){
InputStream in = null;
/*String cookie="BAIDUID=4AB62207ED7EE9F7D5639F99FD2C93FB:FG=1; PSTM=1460857252; "+
"BIDUPSID=187A5BC1E5DD0DEF05E21F73A29835EF; _5t_trace_sid=1ea40703c286c635041c90d9a5f70580; "+
"_5t_trace_tms=1; H_PS_645EC=5b3dg%2Bo1fZjiciiEjCjOit34qHNoqmVzbHSdPYr%2FQo9iGTj%2BpjOjY0%2FE7%2Bo; "+
"BD_CK_SAM=1; BD_HOME=0; H_PS_PSSID=19638_19289_1439_19713_19806_19559_19808_19843_19902_17001_15557_11849; BD_UPN=12314353";
*/
try {
HttpURLConnection conn = (HttpURLConnection) new URL("http://www.baidu.com/").openConnection();
conn.setRequestProperty("User-Agent", "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.94 Safari/537.36)");
conn.setRequestProperty("Accept-Encoding", "gzip, deflate, sdch");
conn.setRequestProperty("referer", "http://www.baidu.com/");
//conn.setRequestProperty("Cookie", cookie);
conn.setRequestProperty("Accept-Language", "zh-CN,zh;q=0.8");
conn.setRequestProperty("Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8");
conn.setRequestMethod("GET");
conn.setDoInput(true);
int respcode=conn.getResponseCode();
if(respcode == 200)
in = conn.getInputStream();
} catch (MalformedURLException e) {
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
return in;
}
}
通过上述代码就可以实现与HttpClient工具相似的功能,伪造referer来发送请求,获取响应,这里要注意的是返回的数据是zip格式的。或者直接写C:\\Users\\User\\Desktop\\test,test后面不带zip等任何后缀,最后也能得到自己想要的响应的数据。
因此,分步走的页面,比如员工注册,分为三步走,第一步:校验识别号和用户名,校验完成以后调到第二个页面,校验手机号,手机号校验完成后,跳到第三个页面输入会员名的页面完成注册。为防止模拟器模拟参数请求,直接进到第二个页面,那么可以在后台处理方法里面使用map来存储,用户名作为key,1或2作为value,再写一个拦截第二个和第三个页面的过滤器。在doFilter方法里面,根据这个map的value值来判断是不是第一个页面转过来的。