1. 首頁
  2. 問答
  3. 如何登錄到delphi10

如何登錄到delphi10

2016-06-21 65 views
1

使用IdHTTP我試圖登錄到Instagram的在Delphi使用idhttp網站Instagram的網站。 我用谷歌Chrome開發者工具來獲取數據,這是我到目前爲止已經試過..如何登錄到delphi10

procedure TForm1.Button1Click(Sender: TObject); 
var 
    lHTTP: TIdHTTP; 
    S,M : TStrings; 
    IdSSL: TIdSSLIOHandlerSocketOpenSSL; 
begin 
    S := TStringList.Create; 
    S.Add('username :' +Edit1.Text); 
    S.Add('password :'+ Edit2.Text); 
    lHTTP := TIdHTTP.Create(nil); 
    lHTTP.ReadTimeout := 30000; 
    lHTTP.HandleRedirects := True; 
    IdSSL := TIdSSLIOHandlerSocketOpenSSL.Create(lHTTP); 
    IdSSL.SSLOptions.Method := sslvTLSv1; 
    IdSSL.SSLOptions.Mode := sslmClient; 
    lHTTP.IOHandler := IdSSL; 
    lHTTP.Request.CustomHeaders.Add('x-csrftoken:'+ Edit3.Text); 
    lHTTP.Request.CustomHeaders.Add('x-instagram-ajax:1'); 
    lHTTP.Request.CustomHeaders.Add(' x-requested-with:XMLHttpRequest'); 
    lHTTP.Request.CustomHeaders.Add('referer:https://www.instagram.com/'); 
    lHTTP.Request.ContentType := 'application/x-www-form-urlencoded'; 
    lHTTP.Request.UserAgent := 'Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.76 Mobile Safari/537.36'; 
    lHTTP.Post('https://www.instagram.com/accounts/login/ajax/', S); 
    Memo1.Lines.Add(lHTTP.Request.ToString); 
end;

我令牌手動獲得進入現在,只是爲了測試代碼。我得到HTTP/1.1 403 Forbidden.

UPDATE

這是餅乾信息..

Response Headers 
set-cookie:csrftoken=e3YbQ1FobxgMGcLHRAkj****ML97psae; expires=Tue, 20-Jun-2017 19:09:21 GMT; Max-Age=31449600; Path=/ 
set-cookie:s_network=; expires=Tue, 21-Jun-2016 20:09:21 GMT; Max-Age=3600; Path=/ 
set-cookie:sessionid=IGSC3074cea6684a55981cc30d3c5222ed9e4675db0aa4665d3f5b7ed4ae09be01b6%3AugN5uNRztrtVarx6LuheBkv5tNuaVHrL%3A%7B%22_token_ver%22%3A2%2C%22_auth_user_id%22%3A348733484%2C%22_token%22%3A%22348733484%3A6dXogo2jTCkOf29JEUxHavzxqp9iUOr4%3Aa4f855cabbd5c5d2999538a8ec9093c6a59af65e7306998a5647341bdd691158%22%2C%22asns%22%3A%7B%225.37.149.220%22%3A28885%2C%22time%22%3A1466536160%7D%2C%22_auth_user_backend%22%3A%22accounts.backends.CaseInsensitiveModelBackend%22%2C%22last_refreshed%22%3A1466536160.338314%2C%22_platform%22%3A4%2C%22_auth_user_hash%22%3A%22%22%7D; expires=Mon, 19-Sep-2016 19:09:21 GMT; httponly; Max-Age=7776000; Path=/ 
set-cookie:ds_user_id=348733***; expires=Mon, 19-Sep-2016 19:09:21 GMT; Max-Age= 


Request Headers 
set-cookie:sessionid=IGSC3074cea6684a55981cc30d3c5222ed9e4675db0aa4665d3f5b7ed4ae09be01b6%3AugN5uNRztrtVarx6LuheBkv5tNuaVHrL%3A%7B%22_token_ver%22%3A2%2C%22_auth_user_id%22%3A348***484%2C%22_token%22%3A%22348733484%3A6dXogo2jTCkOf29JEUxHavzxqp9iUOr4%3Aa4f855cabbd5c5d2999538a8ec9093c6a59af65e7306998a5647341bdd691158%22%2C%22asns%22%3A%7B%225.37.149.220%22%3A28885%2C%22time%22%3A1466536160%7D%2C%22_auth_user_backend%22%3A%22accounts.backends.CaseInsensitiveModelBackend%22%2C%22last_refreshed%22%3A1466536160.338314%2C%22_platform%22%3A4%2C%22_auth_user_hash%22%3A%22%22%7D; expires=Mon, 19-Sep-2016 19:09:21 GMT; httponly; Max-Age=7776000; Path=/ 
set-cookie:ds_user_id=348733***; expires=Mon, 19-Sep-2016 19:09:21 GMT; Max-Age=7776000; Path=/

來源

2016-06-21 ColdZer0

回答

2

你是不是正確填充TStringList。您需要使用=而不是:作爲name=value分隔符。與CustomHeaders.Add()相同。在後一種情況下,我建議使用CustomHeaders.Values[]代替。

你也應該使用Request.Referer屬性而不是CustomHeaders.Add()

的情況並不少見需要先請求包含登錄表單提交的實際登錄之前,使之與HTML相關的任何cookie可以被捕獲並登錄表單提交的HTML頁面。 Instagram也不例外。

此外,Request.ToString()是沒有意義的,你不應該使用,在所有。

最後,您正在泄漏您創建的對象。

隨着中說,試試這個來代替:

procedure TForm1.Button1Click(Sender: TObject); 
var 
    lHTTP: TIdHTTP; 
    IdSSL: TIdSSLIOHandlerSocketOpenSSL; 
    Params : TStrings; 
    Reply, Token: string; 
    Cookie: TIdCookie; 
begin 
    Params := TStringList.Create; 
    try 
    Params.Add('username=' + Edit1.Text); 
    Params.Add('password=' + Edit2.Text); 

    lHTTP := TIdHTTP.Create(nil); 
    try 
     IdSSL := TIdSSLIOHandlerSocketOpenSSL.Create(lHTTP); 
     IdSSL.SSLOptions.Method := sslvTLSv1; 
     IdSSL.SSLOptions.Mode := sslmClient; 
     lHTTP.IOHandler := IdSSL; 

     lHTTP.ReadTimeout := 30000; 
     lHTTP.HandleRedirects := True; 

     // capture cookies first... 
     // passing nil to ignore any response body data and not waste memory for it... 
     lHTTP.Request.UserAgent := 'Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.76 Mobile Safari/537.36'; 
     lHTTP.Get('https://www.instagram.com', TStream(nil)); 

     Cookie := lHTTP.CookieManager.CookieCollection.Cookie['csrftoken', 'www.instagram.com']; 
     if Cookie <> nil then 
     Token := Cookie.Value; 

     // now submit the login webform... 
     lHTTP.Request.CustomHeaders.Values['X-CSRFToken'] := Token; 
     lHTTP.Request.CustomHeaders.Values['X-Instagram-AJAX'] := '1'; 
     lHTTP.Request.CustomHeaders.Values['X-Requested-With'] := 'XMLHttpRequest'; 
     lHTTP.Request.Referer := 'https://www.instagram.com/'; 
     lHTTP.Request.ContentType := 'application/x-www-form-urlencoded'; 
     lHTTP.Request.UserAgent := 'Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.76 Mobile Safari/537.36'; 
     Reply := lHTTP.Post('https://www.instagram.com/accounts/login/ajax/', Params); 

     Memo1.Text := Reply; 
    finally 
     lHTTP.Free; 
    end; 
    finally 
    Params.Free; 
    end; 
end;

這裏是導致HTTP對話框兩個請求:

:我沒有一個Instagram的帳戶,這就是爲什麼在這個例子中登錄沒有被認證。但正如您在下面看到的,代碼仍然能夠通過登錄POST的JSON數據接收HTTP 200響應。

 
GET/HTTP/1.1 
Host: www.instagram.com 
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 
User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.76 Mobile Safari/537.36 

 
HTTP/1.1 200 OK 
Strict-Transport-Security: max-age=86400 
Content-Language: en 
Set-Cookie: sessionid=; expires=Thu, 01-Jan-1970 00:00:00 GMT; Max-Age=0; Path=/; HttpOnly; Domain=instagram.com 
Expires: Sat, 01 Jan 2000 00:00:00 GMT 
Vary: Cookie, Accept-Language, Accept-Encoding 
Pragma: no-cache 
Cache-Control: private, no-cache, no-store, must-revalidate 
Date: Tue, 21 Jun 2016 20:06:56 GMT 
X-Frame-Options: SAMEORIGIN 
Content-Type: text/html 
Set-Cookie: csrftoken=<token>; expires=Tue, 20-Jun-2017 20:06:56 GMT; Max-Age=31449600; Path=/ 
Set-Cookie: mid=<value>; expires=Mon, 16-Jun-2036 20:06:56 GMT; Max-Age=630720000; Path=/ 
Connection: keep-alive 
Content-Length: <HTML byte length> 

<actual HTML bytes> 

 
POST /accounts/login/ajax/ HTTP/1.0 
Content-Type: application/x-www-form-urlencoded 
Content-Length: <params byte length> 
X-CSRFToken: <token> 
X-Instagram-AJAX: 1 
X-Requested-With: XMLHttpRequest 
Host: www.instagram.com 
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 
Referer: https://www.instagram.com/ 
User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.76 Mobile Safari/537.36 
Cookie: mid=<value>; csrftoken=<token> 

username=<user>&password=<pass> 

 
HTTP/1.1 200 OK 
Strict-Transport-Security: max-age=86400 
Content-Language: en 
Expires: Sat, 01 Jan 2000 00:00:00 GMT 
Vary: Cookie, Accept-Language 
Pragma: no-cache 
Cache-Control: private, no-cache, no-store, must-revalidate 
Date: Tue, 21 Jun 2016 20:06:57 GMT 
Content-Type: application/json 
Set-Cookie: csrftoken=<token>; expires=Tue, 20-Jun-2017 20:06:57 GMT; Max-Age=31449600; Path=/ 
Connection: close 
Content-Length: <json byte length> 

{"status": "ok", "authenticated": false, "user": "<user>"}

來源

2016-06-21 19:16:15

+0

非常感謝的信息,但我仍然得到403錯誤,我想maybes有比訪問令牌其它餅乾的數據,所以我已經更新了餅乾後。 – ColdZer0

+0

@ ColdZer0:你是否在說Post()並沒有發送Get()所有的cookie? –

+0

老實說idk,但爲什麼即時獲得403錯誤?! – ColdZer0

相關問題

 相關問題