我正在尝试向位于https://clients4.google.com的 Chrome 同步服务发送 POST 请求。我正在使用那一小段代码来发送我之前在 BURP Suite 的帮助下捕获并保存到文件中的请求。这是 Chrome 在连接到同步服务时发送的内容。该代码打开一个 SSLSocket,连接到 Chrome 服务器并发送该文件的内容(见下文):
private void sendRequest() {
SSLSocketFactory sslsocketfactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket socket = (SSLSocket) sslsocketfactory.createSocket("clients4.google.com", 443);
socket.startHandshake();
BufferedWriter out = new BufferedWriter(
new OutputStreamWriter(socket.getOutputStream(), "UTF8"));
BufferedReader in = new BufferedReader(
new InputStreamReader(socket.getInputStream()));
sendMessage(out, new File("request.bin"));
readResponse(in);
out.close();
in.close();
}
private void sendMessage(BufferedWriter out, File request) throws IOException {
List<String> result = getContents(request);
for (String line : result) {
out.write(line + "\r\n");
}
out.write("\r\n");
out.flush();
}
private void readResponse(BufferedReader in) throws IOException {
String line;
while ((line = in.readLine()) != null) {
System.out.println(line);
}
}
private List getContents(File file) throws IOException {
List<String> contents = new ArrayList<String>();
BufferedReader input = new BufferedReader(new FileReader(file));
String line;
while ((line = input.readLine()) != null) {
contents.add(line);
}
input.close();
return contents;
}
request.bin 文件如下所示(这是一个没有 SSL 的明文请求):
POST /chrome-sync/command/?client=Google+Chrome&client_id={VALID_CLIENT_ID} HTTP/1.1
Host: clients4.google.com
Connection: keep-alive
Content-Length: 1730
Authorization: GoogleLogin auth={MY_VALID_AUTH_DATA}
Content-Type: application/octet-stream
User-Agent: Chrome WIN 23.0.1271.97 (171054)
Accept-Encoding: gzip,deflate,sdch
Accept-Language: de-DE,de;q=0.8,en-US;q=0.6,en;q=0.4
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
{binary data}
现在此请求失败,因为服务器返回HTTP/1.0 404 Not Found。但是为什么会这样呢?这与 Chrome 发送的请求完全相同,不是吗?我在这里想念什么?