前言
第三题的考点就是header的顺序。所以我们需要借助抓包工具获取原始的headers顺序。
一、抓包分析
通过抓包分析可以看出,cookie、请求体、请求头并没有什么加密内容,但是直接请求数据返回的却是一段混淆的js,解密后就是一个undefined,所以我们应该想到可能是请求头的顺序进行了检测,因为用requests请求,会对请求头进行随机排序。因此需要借助抓包工具获取原始请求头顺序。
二、python实现
(1)原始请求头获取
利用fidder工具抓包获取jssm包的原始请求头。
再借助网站进行格式化
(2)python代码
headers = {
"Host": "match.yuanrenxue.cn",
"Connection": "keep-alive",
"Content-Length": "0",
"Pragma": "no-cache",
"Cache-Control": "no-cache",
"sec-ch-ua": "\"Google Chrome\";v=\"123\", \"Not:A-Brand\";v=\"8\", \"Chromium\";v=\"123\"",
"sec-ch-ua-mobile": "?0",
"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36",
"sec-ch-ua-platform": "\"Windows\"",
"Accept": "*/*",
"Origin": "https://match.yuanrenxue.cn",
"Sec-Fetch-Site": "same-origin",
"Sec-Fetch-Mode": "cors",
"Sec-Fetch-Dest": "empty",
"Referer": "https://match.yuanrenxue.cn/match/3",
"Accept-Encoding": "gzip, deflate, br, zstd",
"Accept-Language": "zh-CN,zh;q=0.9",
"Cookie": "Hm_lvt_c99546cf032aaa5a679230de9a95c7db=1712720200,1712734016,1712734400,1712804436; no-alert3=true; sessionid=ed9hdnni33c0rlhxfafnmto3usn17nm3; m=3ZetVkBlnWyeAJP0%2Bz4NueC4Wg8TRPOKqUVubVNbm%2BLI55VVIdIrvUMaA51rpPawbxCfw7WIuIjNErt92Fu%2FF0cyN%2FVb5ujpvCE%2F2H41rx5GYhmYoj%2FpkiR4iKlrcwarQMmnC92PP9XisoX28rHZ9cGlwQ5UtcWAxw07aKL%2FW3bbk%2FvzZC8gpgknUud80zCqSxJz7YAduPclt9D%2B9kNWK7GkO2aTLoBCOCvNsr%2BdnO1p4ZKHki%2BzrDsjE13vWQI3e56PXmtv08O69dYcXkM9xKGdkcrTLJB72e13nD8RTX0%2B4%2B3f3L6pDSRV704kJM99Fy3CnsKCxhRQstjVb1DVaaQ%3D%3Dr; tk=4183406416813227206; Hm_lvt_9bcbda9cbf86757998a2339a0437208e=1712709732,1713313077; Hm_lpvt_9bcbda9cbf86757998a2339a0437208e=1713313077; Hm_lpvt_c99546cf032aaa5a679230de9a95c7db=1713313606"
}
session=requests.session()
session.headers=headers
response = session.post("https://match.yuanrenxue.cn/jssm")
response = session.get(f'https://match.yuanrenxue.cn/api/match/3?page=5?page=1')
总结:
总体来说,了解了请求头顺序的这个知识点后,这道题还是很简单的。