我在我的localhost中运行了一个django网站 . 我将通过tcp套接字访问该网站并将一些数据发布到服务器 .
我已成功访问该网站,但由于csrf验证,我无法将任何数据发布到服务器 .
我所做的是,在我从服务器获得的响应中,我取出了csrf令牌并将其存储在一个字符串中,然后通过一个post请求发布它 . 但我得到csrf验证失败错误 .
如何通过tcp套接字完成发布数据的任务?
我的代码如下:
#include <iostream>
#include <vector>
#include <boost/asio.hpp>
#include <string>
#include <algorithm>
#include <sstream>
#include <ostream>
using boost::asio::ip::tcp;
void getresponse(std::string request, boost::asio::streambuf& response, tcp::socket& socket);
int main()
{
std::string hostName = "localhost";
std::string serviceName = "http";
try
{
boost::asio::io_service io_service;
// get a list of endpoints corresponding to the server name
tcp::resolver resolver(io_service);
tcp::resolver::query query(hostName, serviceName);
tcp::resolver::iterator endpt_iterator = resolver.resolve(query);
tcp::resolver::iterator end;
// try each endpoint until we successfully establish a connection
tcp::socket socket(io_service);
//tcp::socket socket1(io_service);
boost::system::error_code error = boost::asio::error::host_not_found;
while (error && endpt_iterator != end)
{
socket.close();
//socket1.close();
socket.connect(*endpt_iterator++, error);
//socket1.connect(*endpt_iterator++, error);
}
if (error)
{
std::cout << "Error connecting.. \n";
throw boost::system::system_error(error);
}
// we secify "Connection:close" header and thus the server closes after the response has been send.
// this will allow us to treat all data up untill the EOF as the content
//boost::asio::streambuf request;
//std::ostream request_stream(&request);
std::string requeststr = "GET ";
requeststr+="/ HTTP/1.0\r\nUser-Agent: bibek\r\nHost: localhost\r\nAccept: text/html\r\nConnection: Keep-Alive\r\n\r\n";
boost::asio::streambuf response;
std::string responseString, code;
getresponse(requeststr, response, socket);
std::istream response_stream(&response);
while(!std::getline(response_stream, responseString).eof())
{
//std::cout << responseString << std::endl;
if(responseString.find("csrfmiddlewaretoken")!=std::string::npos)
{
// this one is for finding the value of csrf token
int pos1 = responseString.find("value");
code = responseString.substr(pos1);
pos1 = code.find("\'");
code = code.substr(pos1+1);
pos1 = code.find("\'");
code = code.substr(0,pos1);
std::cout << code << std::endl;
}
}
requeststr = "POST ";
requeststr+="/ HTTP/1.1\r\nUser-Agent: bibek\r\nHost: localhost\r\nAccept: text/html\r\n";
requeststr+= "Content-Type: application/x-www.form-urlencoded\r\nConnection: Keep-Alive\r\n\r\n";
requeststr+="&csrfmiddlewaretoken="+code+"name=bibek&email=pandey&comment=thisisnice";
boost::asio::streambuf response1;
getresponse(requeststr, response1, socket);
std::istream response_stream1(&response1);
while(!std::getline(response_stream1, responseString).eof())
{
std::cout << responseString << std::endl;
}
// read until EOF, witing data to output as we go.
while (boost::asio::read(socket, response, boost::asio::transfer_at_least(1), error))
std::cout << &response;
if (error != boost::asio::error::eof)
{
std::cout << "Error!!!!\n";
throw boost::system::system_error(error);
}
}
catch (std::exception & e)
{
std::cout << "Exception: " << e.what() << "\n";
}
return 0;
}
void getresponse(std::string requeststr, boost::asio::streambuf& response, tcp::socket& socket)
{
char * testchar = new char[requeststr.length() + 1];
strcpy(testchar, requeststr.c_str());
// send the request
boost::asio::write(socket, boost::asio::buffer(testchar, requeststr.length()+1));
// read the response until the end.
boost::asio::read_until(socket, response, "</html>");
}
在这里,我第一次从服务器得到响应,我可以找到csrf令牌 . 但是,下次我发送一个Post(或Get)请求时,虽然连接意味着保持活动,但我会收到文件异常结束 . 我想在下一个请求中发布csrf令牌 .