Web 浏览器如何从 HTML 源代码构建有效的 HTTP POST 请求?
例如,https://stackexchange.com/users/login 上的登录表单看起来像:
<form method="post" action="/affiliate/form/login/submit">
<table class="position-table">
<tbody><tr>
<td class="input-td">
<label for="email" class="accessibility-hidden">Email</label>
<input class="framed-text-field edit-field-overlayed" type="text" name="email" id="email" maxlength="100" style="opacity: 0.3; z-index: 1; position: relative;">
<span class="form-help" style="display: none;">name@example.com</span>
</td>
<td class="input-td">
<label for="password" class="accessibility-hidden">Password</label>
<input class="framed-text-field edit-field-overlayed" type="password" name="password" id="password" style="opacity: 0.3; z-index: 1; position: relative;">
<span class="form-help" style="display: none;">Password</span>
</td>
<td></td>
<td class="input-td">
<input type="submit" class="affiliate-button" value="Sign In">
</td>
</tr>
</tbody></table>
<input type="hidden" name="affId" value="XX">
<input type="hidden" id="fkey" name="fkey" value="XXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXX">
</form>
如果我拦截我的浏览器发送的请求,我可以看到完整的 POST 请求是:
POST /affiliate/form/login/submit HTTP/1.1
Host: openid.stackexchange.com
Connection: close
Content-Length: 86
Cache-Control: max-age=0
Origin: https://openid.stackexchange.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://openid.stackexchange.com/affiliate/form?affId=11&background=transparent&callback=https%3a%2f%2fstackexchange.com%2fusers%2fauthenticate&color=black&nonce=ZUlWWgAAAADlmwCfYbAw%2bg%3d%3d&openid.sreg.requested=email&signupByDefault=false&onLoad=signin-loaded&authCode=E8UrPSRT%2bzAs6b2nqZygJVS2cHb%2fY8TwtrlMUN3bORnP0o7IZRGIatV%2fkJ73KMX0nwrcnJdf2qBKFzJJ28czMo9GWAQesGoO4qgp6XZgulhYzlpEL4XOpTotYAVSlq5K5mFQjwTy6I4YbtJrsIyFs4yy2EgNlOe%2b7E0W%2fRVpnws%3d
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: prov=XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX; acct=XXXXXXXXXXXXXXXvXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX; canary=X; anon=XXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX
email=AzureDiamond&password=Hunter2&affId=11&fkey=XXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXX
我的网络浏览器 (chrome) 如何知道根据它在 HTML 表单中看到的内容来构造 POST 请求?某些方面是显而易见的,请求方法、目标、内容长度、实际等都在表单中可见(或由用户输入)。
我不明白构造的标题是:
- 缓存控制
- 升级不安全请求
- 内容类型
- 接受
- 引用
- 接受编码
- 接受语言
这些是浏览器内置/编写的吗?我不这么认为,因为当我尝试从请求中剥离它们时,我从 stackexchange 返回了错误的请求错误。但是我似乎无法找到浏览器从中构建它们的内容?
最佳答案
浏览器假定表单请求的数据不是静态的,因此知道设置“Cache-Control: max-age=0”。浏览器对其他请求 header 做出了类似的默认假设。
但是,可以使用 <META 覆盖一些默认值标签: enter link description here (我在 StackOverflow 的类似问题下找到了链接)。其他设置为表单属性,如 <form accept-charset="ISO-8859-1" ...
关于http - POST 请求是如何构造的?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/48192981/