我从Chrome扩展程序发出的POST请求看起来与手动提交表单的扩展名相同。我已经同时提交并比较了正文和标题,但它们看起来完全相同。
通过浏览器表单发出的POST会导致302重定向。创建了POSTed条目,用户最终会在编辑屏幕上显示它。
通过扩展程序发出的POST会导致500错误。
我过滤了扩展程序发送的许多标题,以匹配浏览器生成的标题,以防服务器查找某些将请求提示为非本机的内容。
希望在联系正在发布的系统的开发人员之前耗尽所有选项。服务器端可能发生任何明显的事情来阻止这个请求吗?
这是通过浏览器表单发出的POST请求:
请求标题
Host: myhost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:53.0) Gecko/20100101 Firefox/53.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 901
Referer: https://myhost.com/referer
Cookie: app2=cookieredacted
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
请求正文
record[user_name]=aasldkjflasdjf
record[new_password]=ljl;jl;kjklj
record[first_name]=ethan
record[middle_name]
record[last_name]=lastnm
record[name_suffix]
record[gender]=M
record[dob]=07/28/77
record[ssn]=654656546
record[group_number]
record[misc_number]
record[mothers_maiden_name]
record[active]=N
record[active]=Y
record[has_paper_chart]=0
record[notes]
record[address1]=234+htha+st
record[address2]
record[city]=euge
record[county_of_residence]
record[state]=OR
record[zip]=98754
record[country]
record[tel1]=5155555555
record[tel1_status]=4
record[tel2]
record[tel2_status]
record[cell]
record[cell_status]
record[email]=ethan@foo.com
record[preferred_contact]=home_tel
record[house]
record[room]
record[bed]
record[classroom]
响应标题
Server: nginx/1.6.2
Date: Sun, 09 Jul 2017 01:06:12 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Status: 302 Found
Location: /entry/edit
从扩展名:
请求标题
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding:gzip, deflate, br
Accept-Language:en-US,en;q=0.5
Cache-Control:no-cache
Connection:keep-alive
Content-Length:920
Content-Type:application/x-www-form-urlencoded
Cookie:app2=cookieredacted; gsScrollPos-2545=
Host:myhost.com
Pragma:no-cache
Referer:https://myhost.com/referer
Upgrade-Insecure-Requests:1
User-Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.50 Safari/537.36
请求正文
new_password_stub:"FoECbiRN"
record[active]:"Y"
record[address1]:"123 N 5th St"
record[address2]:""
record[bed]:""
record[cell]:""
record[cell_status]:""
record[city]:"Eugene"
record[classroom]:""
record[country]:""
record[county_of_residence]:""
record[dob]:"9/28/91"
record[email]:"ethan@foo.com"
record[first_name]:"Foo"
record[gender]:"M"
record[group_number]:""
record[has_paper_chart]:0
record[house]:""
record[last_name]:"Bar"
record[middle_name]:""
record[misc_number]:""
record[mothers_maiden_name]:""
record[name_suffix]:""
record[new_password]:"FoECbiRN"
record[notes]:""
record[preferred_contact]:"home_tel"
record[room]:""
record[send_notifications]:0
record[ssn]:"222222222"
record[state]:"OR"
record[tel1]:"5155555555"
record[tel1_status]:2
record[tel2]:""
record[tel2_status]:""
record[user_name]:"BarFoo2017"
record[zip]:"97401"
响应标题
Cache-Control:no-cache
Connection:keep-alive
Content-Length:5110
Content-Type:text/html; charset=utf-8
Date:Sun, 09 Jul 2017 02:09:33 GMT
Server:nginx/1.6.2
Set-Cookie:mysite_session_id=; max-age=0; expires=Thu, 01 Jan 1970 00:00:00 -0000
Status:500 Internal Server Error