java - 使用 httpclient 登录 Xing

Question

我在使用 httpclient 登录 xing 时遇到了一些问题。当我手动登录时使用 livehttpheaders 捕获步骤并使用addHeader("Cookie", "...."). 但是一旦我在浏览器中注销，它就不再起作用了。我假设我必须保存 cookie 并在每个帖子或 get 方法中发送它们。我用 BasicCookieStore 试过，但不是所有的 cookie 都被保存了。当我运行这个：

BasicCookieStore cookieStore = new BasicCookieStore();
HttpContext httpContext = new BasicHttpContext();
httpContext.setAttribute(ClientContext.COOKIE_STORE, cookieStore);
CloseableHttpClient httpclient = HttpClients.custom()
            .setDefaultCookieStore(cookieStore)
            .build();
try {
     HttpGet httpget = new HttpGet("https://www.xing.com/");
     CloseableHttpResponse response = httpclient.execute(httpget, httpContext);
     try {
         HttpEntity entity = response.getEntity();

         System.out.println("Login form get: " + response.getStatusLine());
         EntityUtils.consume(entity);

         System.out.println("Initial set of cookies:");
         List<Cookie> cookies = cookieStore.getCookies();
         if (cookies.isEmpty()) {
             System.out.println("None");
         } else {
             for (int i = 0; i < cookies.size(); i++) {
                 System.out.println("- " + cookies.get(i).toString());
             }
         }
     } finally {
         response.close();
     }
     HttpPost httpPost = new HttpPost("https://login.xing.com/login");
     List <NameValuePair> nvps = new ArrayList <NameValuePair>();
     nvps.add(new BasicNameValuePair("username", "name%40host.com"));
     nvps.add(new BasicNameValuePair("password", "mypassword"));
     httpPost.setEntity(new UrlEncodedFormEntity(nvps));
     httpPost.addHeader("Referer", "https://www.xing.com/");
     httpPost.addHeader("User-Agent", "Mozilla/5.0 (Windows NT 6.3; WOW64; rv:28.0) Gecko/20100101 Firefox/28.0");

     CloseableHttpResponse response1 = httpclient.execute(httpPost, httpContext);
     try {
         HttpEntity entity = response1.getEntity();
         System.out.println("Login form get: " + response1.getStatusLine());
         EntityUtils.consume(entity);

         System.out.println("Post logon cookies:");
         List<Cookie> cookies = cookieStore.getCookies();
         if (cookies.isEmpty()) {
             System.out.println("None");
         } else {
             for (int i = 0; i < cookies.size(); i++) {
                 System.out.println("- " + cookies.get(i).toString());
             }
         }
     } finally {
         response1.close();
     }

我得到：

Login form get: HTTP/1.1 200 OK
Initial set of cookies:
- [version: 0][name: c_][value: 0x11791BDA9E4611E49EF65B88668E3E29][domain: .xing.com][path: /][expiry: Fri Jan 12 14:40:50 CET 2035]
Login form get: HTTP/1.1 302 Found
Post logon cookies:
- [version: 0][name: _session_id][value: 335a78c6dca029dc47e1a7d6f86e2736][domain: login.xing.com][path: /][expiry: null]
- [version: 0][name: c_][value: 0x11791BDA9E4611E49EF65B88668E3E29][domain: .xing.com][path: /][expiry: Fri Jan 12 14:40:50 CET 2035]

但我认为有些饼干不见了。当我手动登录时，会出现更多 cookie s_cc, s_sq, s_vi, s_fid，并且每次登录时都会有 3 个不同：login, xing, and reg_ref 现在我的问题是：我必须做些什么才能获取这些 cookie 并在每种方法中正确发送它们？

Answer 1

您需要为 httpclient 设置 cookiepolicy 来处理 cookie，而且 cookie 存储为空的原因可能是违反了给定的 cookie 策略，因此您必须找到最适合的 cookie 策略。

Apache HttpClient 3.+ 示例

httpclient.getParams().setParameter(ClientPNames.COOKIE_POLICY, CookiePolicy.BROWSER_COMPATIBILITY);

Apache HttpClient 4.3+ 示例

  RequestConfig globalConfig = RequestConfig.custom().setCookieSpec(CookieSpecs.BROWSER_COMPATIBILITY).build();
CookieStore cookieStore = new BasicCookieStore();
HttpClientContext context = HttpClientContext.create();
context.setCookieStore(cookieStore);

CloseableHttpClient httpClient = HttpClients.custom().setDefaultRequestConfig(globalConfig).setDefaultCookieStore(cookieStore).build()

更多关于 Apache HttpClient cookiepolicy 的信息在这里