Python
pronetey2, 2022-01-24 23:47:05

How is a python-requests request different from a Fiddler request?

Hey!
The server is somehow able to distinguish between a python-requests request and a Fiddler request.
I send a request to the server using python-requests. The server responds with an error:

{"body":{"phone":{"value":null,"error":"required"}},"email":null,"status":400,"htmlencoded":false}


I open Fiddler, I sniff the same request from requests - absolutely the same situation:

{"body":{"phone":{"value":null,"error":"required"}},"email":null,"status":400,"htmlencoded":false}


But if, in Fiddler itself, I click Replay -> Reissue Requests, the request is executed again and the response is now positive and contains a token:

{"body":{"additional":{},"token":"bSCwMAjwyQ31kRZ3"},"email":null,"status":200,"htmlencoded":false}


There is some fundamental difference in the method of sending requests between requests and Fiddler. Let me remind you that the request is the same, absolutely, exactly the same.
For a better understanding of the situation, I attach screenshots.


Here is the Python code itself:

import requests

def check():
    
    session = requests.session()
    proxies = {'http': 'http://127.0.0.1:9988', 'https': 'http://127.0.0.1:9988'}  # You MUST specify your own Fiddler port; mine is 9988, but it is usually 8888

    # Set the headers
    headers = {
        'Host': 'account.mail.ru',
        'Connection': 'keep-alive',
        'Content-Length': '2662',
        'sec-ch-ua': '" Not A;Brand";v="99", "Chromium";v="96", "Google Chrome";v="96"',
        'sec-ch-ua-mobile': '?1',
        'User-Agent': 'Mozilla/5.0 (Linux; Android 7.1.2; SM-U614M) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.104 Mobile Safari/537.36',
        'Accept': 'application/json, text/plain, */*',
        'X-Requested-With': 'XMLHttpRequest',
        'X-Request-Id': '86c3d6b-d649-f6e2-a9f4-968c35b483d5',
        'sec-ch-ua-platform': "Android",
        'Origin': 'https://account.mail.ru',
        'Sec-Fetch-Site': 'same-origin',
        'Sec-Fetch-Mode': 'cors',
        'Sec-Fetch-Dest': 'empty',
        'Referer': 'https://account.mail.ru/signup?from=main_m_touch',
        'Accept-Encoding': 'gzip, deflate, br',
        'Accept-Language': 'ru-RU,ru;q=0.9',
        'Cookie': ''
    }

    # Browser fingerprint, sent in the 'browser' form field
    fp = '{"screen":{"availWidth":"854","availHeight":"480","width":"854","height":"480","colorDepth":"24","pixelDepth":"24","availLeft":"0","availTop":"0"},"navigator":{"vendorSub":"","productSub":"20030107","vendor":"Google Inc.","maxTouchPoints":"5","doNotTrack":"inaccessible","hardwareConcurrency":"4","cookieEnabled":"true","appCodeName":"Mozilla","appName":"Netscape","appVersion":"5.0 (Linux; Android 7.1.2; SM-U614M) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.104 Mobile Safari/537.36","platform":"Linux i686","product":"Gecko","userAgent":"Mozilla/5.0 (Linux; Android 7.1.2; SM-U614M) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.104 Mobile Safari/537.36","language":"ru-RU","onLine":"true","webdriver":"false","pdfViewerEnabled":"false","deviceMemory":"4"},"flash":{"version":"inaccessible"}}'
    form = {
        'extended': (None, 'true'),
        'more_password_strength': (None, '1'),
        'context': (None, 'signup'),
        'browser': '',
        'from': (None, 'main_m_touch'),
        'sent_me_ads': (None, 'true'),
        'sent_me_ads_common': (None, 'true'),
        'name': (None, '{"first": "karina","last": "famina"}'),
        'birthday': (None, '{"day": 2,"month": 4,"year": 1996}'),
        'sex': (None, 'female'),
        'login': (None, 'sfwergdhj5'),
        'domain': (None, 'mail.ru'),
        'password': (None, '===aaa===aaa'),
        'restore': (None, '{"secret": "-","secret_answer": "-","additional_email": "[email protected]"}'),
        'htmlencoded': (None, 'false'),
        'utm': (None, '{"source": "","medium": "","campaign": "","term": "","content": ""}'),
    }

    form['browser'] = (None, fp)  # put the fingerprint into the form
    form = dict(form)
    session.headers = headers 
    php = 'https://account.mail.ru/api/v1/user/signup'

    result = session.post(php, files=form, headers=headers, verify=False, proxies=proxies)  # this is the request through Fiddler
    # result = session.post(php, files=form, headers=headers)  # this is the direct request

    print(result.text)
    # through Python it always returns an error:
    # {"body":{"email1":{"value":null,"error":"required"}},"email2":null,"status":400,"htmlencoded":false}

while True:
    check()
    break


2 answer(s)
Nikolay Savelyev, 2022-01-25
@AgentSmith

Difference in Headers

LXSTVAYNE, 2022-01-25
@lxstvayne

Try it through Postman, it seems like you can immediately convert it to Python code.
