webBrowser1.Document.Cookie取不到HttpOnly的Cookie,取Cookie不完整【转】
2013-07-03 13:40
288 查看
在做数据采集时,有些网站需要输入验证码,但各网站验证码都不同,不可能有完美的识别验证码的代码,所以我也没去研究,我所采取的方案是:在winform里通过WebBrowser调用网页先手动登录系统,然后再通过webBrowser1.Document.Cookie获取其Cookie,再将其用到HttpWebRequest里用来访问自己需要的页。
一直用的都没有问题,但最近在对一个网站操作时总是不能获取完整Cookie,百思不得其解,使用Fiddler2对比发现,不能获取到的Cookie里最后有一个HttpOnly的标识,顺藤摸瓜发现原来webBrowser1.Document.Cookie里是取不到HttpOnly的Cookie的,也找到解决方法:
View Code
一直用的都没有问题,但最近在对一个网站操作时总是不能获取完整Cookie,百思不得其解,使用Fiddler2对比发现,不能获取到的Cookie里最后有一个HttpOnly的标识,顺藤摸瓜发现原来webBrowser1.Document.Cookie里是取不到HttpOnly的Cookie的,也找到解决方法:
using System;
using System.ComponentModel;
using System.Net;
using System.Runtime.InteropServices;
using System.Security;
using System.Security.Permissions;
using System.Text;
internal sealed class NativeMethods
{
#region enums
public enum ErrorFlags
{
ERROR_INSUFFICIENT_BUFFER = 122,
ERROR_INVALID_PARAMETER = 87,
ERROR_NO_MORE_ITEMS = 259
}
public enum InternetFlags
{
INTERNET_COOKIE_HTTPONLY = 8192, //Requires IE 8 or higher
INTERNET_COOKIE_THIRD_PARTY = 131072,
INTERNET_FLAG_RESTRICTED_ZONE = 16
}
#endregion
#region DLL Imports
[SuppressUnmanagedCodeSecurity, SecurityCritical, DllImport("wininet.dll", EntryPoint = "InternetGetCookieExW", CharSet = CharSet.Unicode, SetLastError = true, ExactSpelling = true)]
internal static extern bool InternetGetCookieEx([In] string Url, [In] string cookieName, [Out] StringBuilder cookieData, [In, Out] ref uint pchCookieData, uint flags, IntPtr reserved);
#endregion
}
/// <SUMMARY></SUMMARY>
/// 取得WebBrowser的完整Cookie。
/// 因为默认的webBrowser1.Document.Cookie取不到HttpOnly的Cookie
///
public class FullWebBrowserCookie
{
[SecurityCritical]
public static string GetCookieInternal(Uri uri, bool throwIfNoCookie)
{
uint pchCookieData = 0;
string url = UriToString(uri);
uint flag = (uint)NativeMethods.InternetFlags.INTERNET_COOKIE_HTTPONLY;
//Gets the size of the string builder
if (NativeMethods.InternetGetCookieEx(url, null, null, ref pchCookieData, flag, IntPtr.Zero))
{
pchCookieData++;
StringBuilder cookieData = new StringBuilder((int)pchCookieData);
//Read the cookie
if (NativeMethods.InternetGetCookieEx(url, null, cookieData, ref pchCookieData, flag, IntPtr.Zero))
{
DemandWebPermission(uri);
return cookieData.ToString();
}
}
int lastErrorCode = Marshal.GetLastWin32Error();
if (throwIfNoCookie || (lastErrorCode != (int)NativeMethods.ErrorFlags.ERROR_NO_MORE_ITEMS))
{
throw new Win32Exception(lastErrorCode);
}
return null;
}
private static void DemandWebPermission(Uri uri)
{
string uriString = UriToString(uri);
if (uri.IsFile)
{
string localPath = uri.LocalPath;
new FileIOPermission(FileIOPermissionAccess.Read, localPath).Demand();
}
else
{
new WebPermission(NetworkAccess.Connect, uriString).Demand();
}
}
private static string UriToString(Uri uri)
{
if (uri == null)
{
throw new ArgumentNullException("uri");
}
UriComponents components = (uri.IsAbsoluteUri ? UriComponents.AbsoluteUri : UriComponents.SerializationInfoString);
return new StringBuilder(uri.GetComponents(components, UriFormat.SafeUnescaped), 2083).ToString();
}
}View Code
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- webBrowser1.Document.Cookie取不到HttpOnly的Cookie,取Cookie不完整
- webBrowser.Document.Cookie取不到HttpOnly的Cookie,取Cookie不完整
- 利用HTTP-only Cookie缓解XSS之痛
- 设置cookie的httponly属性
- HttpCookie.HttpOnly VS Cookie.HttpOnly?(downmoon原创)
- 利用HTTP-only Cookie缓解XSS之痛
- 增加 cookie 安全性添加HttpOnly和secure属性
- PHP设置Cookie的HTTPONLY属性
- 网站安全测试,会话 cookie 中缺少 HttpOnly 属性
- cookie httponly属性
- .NET中的Cookie设置HttpOnly,可以防止JS获取Cookie的值
- Cookie设置HttpOnly,Secure,Expire属性
- HttpCookie.HttpOnly VS Cookie.HttpOnly?(downmoon原创)
- c#中HttpWebRequest对应302重定向为什么取不到 cookie
- HttpWebResponse取不到Cookie?原来是因为被跳转了
- 检测到会话cookie中缺少HttpOnly属性
- HttpCookie.HttpOnly VS Cookie.HttpOnly?
- HttpCookie.HttpOnly 属性
- 会话cookie中缺少HttpOnly属性 解决
- 使用HttpOnly提升Cookie安全性