webBrowser1.Document.Cookie取不到HttpOnly的Cookie,取Cookie不完整【转】
2013-07-03 13:40
288 查看
在做数据采集时,有些网站需要输入验证码,但各网站验证码都不同,不可能有完美的识别验证码的代码,所以我也没去研究,我所采取的方案是:在winform里通过WebBrowser调用网页先手动登录系统,然后再通过webBrowser1.Document.Cookie获取其Cookie,再将其用到HttpWebRequest里用来访问自己需要的页。
一直用的都没有问题,但最近在对一个网站操作时总是不能获取完整Cookie,百思不得其解,使用Fiddler2对比发现,不能获取到的Cookie里最后有一个HttpOnly的标识,顺藤摸瓜发现原来webBrowser1.Document.Cookie里是取不到HttpOnly的Cookie的,也找到解决方法:
View Code
一直用的都没有问题,但最近在对一个网站操作时总是不能获取完整Cookie,百思不得其解,使用Fiddler2对比发现,不能获取到的Cookie里最后有一个HttpOnly的标识,顺藤摸瓜发现原来webBrowser1.Document.Cookie里是取不到HttpOnly的Cookie的,也找到解决方法:
using System; using System.ComponentModel; using System.Net; using System.Runtime.InteropServices; using System.Security; using System.Security.Permissions; using System.Text; internal sealed class NativeMethods { #region enums public enum ErrorFlags { ERROR_INSUFFICIENT_BUFFER = 122, ERROR_INVALID_PARAMETER = 87, ERROR_NO_MORE_ITEMS = 259 } public enum InternetFlags { INTERNET_COOKIE_HTTPONLY = 8192, //Requires IE 8 or higher INTERNET_COOKIE_THIRD_PARTY = 131072, INTERNET_FLAG_RESTRICTED_ZONE = 16 } #endregion #region DLL Imports [SuppressUnmanagedCodeSecurity, SecurityCritical, DllImport("wininet.dll", EntryPoint = "InternetGetCookieExW", CharSet = CharSet.Unicode, SetLastError = true, ExactSpelling = true)] internal static extern bool InternetGetCookieEx([In] string Url, [In] string cookieName, [Out] StringBuilder cookieData, [In, Out] ref uint pchCookieData, uint flags, IntPtr reserved); #endregion } /// <SUMMARY></SUMMARY> /// 取得WebBrowser的完整Cookie。 /// 因为默认的webBrowser1.Document.Cookie取不到HttpOnly的Cookie /// public class FullWebBrowserCookie { [SecurityCritical] public static string GetCookieInternal(Uri uri, bool throwIfNoCookie) { uint pchCookieData = 0; string url = UriToString(uri); uint flag = (uint)NativeMethods.InternetFlags.INTERNET_COOKIE_HTTPONLY; //Gets the size of the string builder if (NativeMethods.InternetGetCookieEx(url, null, null, ref pchCookieData, flag, IntPtr.Zero)) { pchCookieData++; StringBuilder cookieData = new StringBuilder((int)pchCookieData); //Read the cookie if (NativeMethods.InternetGetCookieEx(url, null, cookieData, ref pchCookieData, flag, IntPtr.Zero)) { DemandWebPermission(uri); return cookieData.ToString(); } } int lastErrorCode = Marshal.GetLastWin32Error(); if (throwIfNoCookie || (lastErrorCode != (int)NativeMethods.ErrorFlags.ERROR_NO_MORE_ITEMS)) { throw new Win32Exception(lastErrorCode); } return null; } private static void DemandWebPermission(Uri uri) { string uriString = UriToString(uri); if (uri.IsFile) { string localPath = uri.LocalPath; new FileIOPermission(FileIOPermissionAccess.Read, localPath).Demand(); } else { new WebPermission(NetworkAccess.Connect, uriString).Demand(); } } private static string UriToString(Uri uri) { if (uri == null) { throw new ArgumentNullException("uri"); } UriComponents components = (uri.IsAbsoluteUri ? UriComponents.AbsoluteUri : UriComponents.SerializationInfoString); return new StringBuilder(uri.GetComponents(components, UriFormat.SafeUnescaped), 2083).ToString(); } }
View Code
相关文章推荐
- webBrowser1.Document.Cookie取不到HttpOnly的Cookie,取Cookie不完整
- webBrowser.Document.Cookie取不到HttpOnly的Cookie,取Cookie不完整
- 利用HTTP-only Cookie缓解XSS之痛
- 设置cookie的httponly属性
- HttpCookie.HttpOnly VS Cookie.HttpOnly?(downmoon原创)
- 利用HTTP-only Cookie缓解XSS之痛
- 增加 cookie 安全性添加HttpOnly和secure属性
- PHP设置Cookie的HTTPONLY属性
- 网站安全测试,会话 cookie 中缺少 HttpOnly 属性
- cookie httponly属性
- .NET中的Cookie设置HttpOnly,可以防止JS获取Cookie的值
- Cookie设置HttpOnly,Secure,Expire属性
- HttpCookie.HttpOnly VS Cookie.HttpOnly?(downmoon原创)
- c#中HttpWebRequest对应302重定向为什么取不到 cookie
- HttpWebResponse取不到Cookie?原来是因为被跳转了
- 检测到会话cookie中缺少HttpOnly属性
- HttpCookie.HttpOnly VS Cookie.HttpOnly?
- HttpCookie.HttpOnly 属性
- 会话cookie中缺少HttpOnly属性 解决
- 使用HttpOnly提升Cookie安全性