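Using curl to access an HTTPS site and log in (shows the HTTP response in detail)
Testing is an unavoidable part of developing a website. To improve security, sites today generally enable HTTPS, which is simply HTTP text carried over the SSL protocol. Testing an HTTPS site from the curl command line is very useful: with a few scripts you can run functional tests.
Suppose an Ubuntu system runs an HTTPS site written with CppCMS; Nginx is configured with an SSL certificate and is connected over FastCGI to the backend process written with CppCMS. Step 1, install curl: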
[plain]
apt-get install curl
My Ubuntu is 13.04, so the installed curl version is quite new. The following command checks the version number and other information:
[plain]
curl -V
curl 7.29.0 (x86_64-pc-linux-gnu) libcurl/7.29.0 OpenSSL/1.0.1c zlib/1.2.7 libidn/1.25 librtmp/2.3
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtmp rtsp smtp smtps telnet tftp
Features: GSS-Negotiate IDN IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP
We can see that SSL is enabled and that the OpenSSL version is 1.0.1c.
Step 2, access an HTTP site:
[plain]
curl www.baidu
<!DOCTYPE html><!--STATUS OK--><html><head><meta http-equiv="content-type" content="text/html;charset=utf-8"><title>百度一下,你就知道<unction()
{var _t=new Date().getTime();kie = "WWW_ST=" + _t +";expires=" + new Date(_t + 10000).toGMTString()})}catch(e){} </script></html><!--b5d54ba904675fbf-->
Baidu's page content is returned. The output is long, so it has been trimmed.
Step 3, view detailed information with the -v option.
[plain]
curl -v www.baidu
* About to connect() to www.baidu port 80 (#0)
*  Trying 61.135.
* Connected to www.baidu (61.135.169.125) port 80 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.29.0
> Host: www.baidu
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Wed, 03 Jul 2013 13:55:45 GMT
< Server: BWS/1.0
< Content-Length: 10437
< Content-Type: text/html;charset=utf-8
< Cache-Control: private
< Set-Cookie: BDSVRTM=24; path=/
< Set-Cookie: H_PS_PSSID=2757_1457_2704_2726_1788_2249_2702; path=/; domain=.baidu
< Set-Cookie: BAIDUID=5E81F8E70C5DE6EDB5C24088E3E56359:FG=1; expires=Wed, 03-Jul-43 13:55:45 GMT; path=/; domain=.baidu
< Expires: Wed, 03 Jul 2013 13:55:45 GMT
< P3P: CP=" OTI DSP COR IVA OUR IND COM "
< Connection: Keep-Alive
<
<!DOCTYPE html><!--STATUS OK--><html><head><meta http-equiv="content-type" content="text/html;charset=utf-8"><title>百度一下,你就知道</title><style >html,body{height:100%}html{overflow-y:auto}#wrapper{position:relative;_position:;min-height:100%}#content{padding-bottom:100px;text-align:center}#ftCon{height:100px;position:absolute;bottom:44px;text-align:center;width:100%;margin:0 auto;z-index:0;overflow:hidden}#ftConw{width:720px;margin:0 auto}body{font:12px arial;text-align:;background:#fff}body,p,form,ul,li{margin:0;padding:0;list-style:none}body,form,#fm{position:relative}td{text-align:left}img{border:0}a{color:#00c}a:active{color:#f60}#u{color:#999;padding:4px 10px 5px 0;text-align:right}#u a{margin:0 5px}#u .reg{margin:0}#m{width:720px;margin:0 auto}#nv a,#nv b,.btn,#lk{font-size:14px}#fm{padding-left:110px;text-align:left;z-index:1}input{border:0;padding:0}#nv{height:19px;font-size:16px;margin:0 0 4px;text-alig
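All of this detail is now displayed. The -v option is very useful and is usually turned on when debugging.
If you only want to see the header information, use -i instead of -v.
Step 4, access the local HTTPS site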
[plain]
curl --insecure localhost/your_site/login_page

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="/1999/xhtml">
 <head>
   <meta http-equiv="content-type" content="text/html; charset=utf-8">
     <meta http-equiv="pragma" content="no-cache">
   <meta http-equiv="cache-control" content="no-cache">
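--insecure tells curl to skip the certificate verification step.
I tried using the --cacert option to specify the file, that is, the file my nginx uses, but it reported an error, so I simply skipped verification.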
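The alternative to --insecure for a self-signed development certificate, as an added example that is not from the original post: trust the certificate file itself and make sure it names the host. The subject shown in the step 5 output has no CN; if the certificate also lacks a subjectAltName for localhost, curl's host name check fails even when the file is trusted. Whether that was the error reported here is an assumption, and the function names, file names and SAN value are hypothetical.

```shell
#!/bin/sh
# Added example. Requires the openssl CLI (1.1.1+ for -addext). Throwaway keys only.

# make_cert DIR NAME [SAN]: write a self-signed DIR/NAME.pem and DIR/NAME.key.
# Without SAN the subject mirrors the one in the step 5 output (no CN).
make_cert() {
    if [ -n "$3" ]; then
        openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
            -subj "/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd/CN=localhost" \
            -addext "subjectAltName=$3" \
            -keyout "$1/$2.key" -out "$1/$2.pem" 2>/dev/null
    else
        openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
            -subj "/C=AU/ST=Some-State/O=Internet Widgits Pty Ltd" \
            -keyout "$1/$2.key" -out "$1/$2.pem" 2>/dev/null
    fi
}

# trust_anchor_ok CERT: exit 0 if CERT verifies with itself as the only CA,
# the chain check that remains on when curl is given --cacert CERT.
trust_anchor_ok() {
    openssl verify -CAfile "$1" "$1" >/dev/null 2>&1
}

# cert_covers_host CERT HOST: exit 0 if HOST matches the certificate's names,
# the second check that --insecure also switches off.
cert_covers_host() {
    openssl x509 -in "$1" -noout -checkhost "$2" 2>/dev/null |
        grep -q "does match certificate"
}

# Once both checks pass, verification can stay on (URL scheme and file name assumed):
#   curl --cacert server.pem https://localhost/your_site/login_page
```

A certificate made with `make_cert DIR server "DNS:localhost,IP:127.0.0.1"` passes both checks; one made without the SAN argument passes only the first.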
Step 5, call the HTTPS login API to log in
[plain]
curl -v --insecure -d "email=gche@yousite&pwd=123456&language=en" localhost/your_site/login
* About to connect() to localhost port 443 (#0)
*  Trying 127.0.
* Connected to localhost (127.0.0.1) port 443 (#0)
* successfully set certificate verify locations:
*  CAfile: none
  CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server key exchange (12):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using ECDHE-RSA-AES256-SHA
* Server certificate:
*    subject: C=AU; ST=Some-State; O=Internet Widgits Pty Ltd
*    start date: 2013-06-02 07:24:53 GMT
*    expire date: 2014-06-02 07:24:53 GMT
*    issuer: C=AU; ST=Some-State; O=Internet Widgits Pty Ltd
*    SSL certificate verify result: self signed certificate (18), continuing anyway.
> POST /your_site/login HTTP/1.1
> User-Agent: curl/7.29.0
> Host: localhost
> Accept: */*
> Content-Length: 51
> Content-Type: application/x-www-form-urlencoded
>
* upload completely sent off: 51 out of 51 bytes
< HTTP/1.1 200 OK
< Server: nginx/1.5.1
< Date: Wed, 03 Jul 2013 14:02:38 GMT
< Content-Type: text/html; charset=utf-8
< Transfer-Encoding: chunked
< Connection: keep-alive
< X-Powered-By: CppCMS/1.0.3
< Set-Cookie: cml_session=518b7fc5117e87bce28f2444; Max-Age=36000; Path=/; Version=1
<
* Connection #0 to host localhost left intact
{"message":"Login succeeded!","status":0,"value":""}
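The -d "...&..." option sends the parameters with the POST method. The server finally replies with a JSON string indicating that the login succeeded, and we obtain the value of cml_session, which is the cookie.
Step 6, access an HTTP page with the cookie. The later pages only need HTTP access; supplying the correct cookie is enough.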
[plain]
curl -v --cookie "cml_session=518b7fc5117e87bce28f2444" localhost/your_site/home
* About to connect() to localhost port 80 (#0)
*  Trying 127.0.
* Connected to localhost (127.0.0.1) port 80 (#0)
> GET /your_site/home HTTP/1.1
> User-Agent: curl/7.29.0
> Host: localhost
> Accept: */*
> Cookie: cml_session=518b7fc5117e87bce28f2444
>
< HTTP/1.1 200 OK
< Server: nginx/1.5.1
< Date: Wed, 03 Jul 2013 14:06:43 GMT
< Content-Type: text/html; charset=utf-8
< Transfer-Encoding: chunked
< Connection: keep-alive
< X-Powered-By: CppCMS/1.0.3
<

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="/1999/xhtml">
 <head>
   <meta http-equiv="content-type" content="text/html; charset=utf-8">
     <meta http-equiv="pragma" content="no-cache">
   <meta http-equiv="cache-control" content="no-cache">
     <meta http-equiv="expires" content="0">
       <title>CML Cloud</title>
       <link type="text/css" href="../style/reset.css" rel="stylesheet"/>
       <link type="text/css" href="../style/style.css" rel="stylesheet"/>
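A check for the cookie handling shown in steps 5 and 6, as an added example that is not from the original post: the Set-Cookie header in the login response carries no Secure or HttpOnly attribute, and step 6 then sends the same session value over port 80 in clear text. The function names are hypothetical and the sample is constructed here from the step 5 response headers.

```shell
#!/bin/sh
# Added example: flag session cookies issued without Secure / HttpOnly.

# audit_set_cookie: read `curl -v` or `curl -i` output on stdin and print one
# line per Set-Cookie header: "<name> ok" or "<name> missing:<attr>[,<attr>]".
audit_set_cookie() {
    tr -d '\r' |
    sed -n 's/^\(< \)\{0,1\}[Ss]et-[Cc]ookie:[[:space:]]*//p' |
    while IFS= read -r cookie; do
        name=${cookie%%=*}
        # Attributes follow the first ';'; normalise case and spacing to match.
        attrs=$(printf '%s\n' "$cookie" | cut -s -d';' -f2- | tr 'A-Z' 'a-z' | tr -d ' ')
        missing=
        for want in secure httponly; do
            case ";$attrs;" in
                *";$want;"*) ;;
                *) missing="${missing:+$missing,}$want" ;;
            esac
        done
        if [ -n "$missing" ]; then
            echo "$name missing:$missing"
        else
            echo "$name ok"
        fi
    done
}

# Constructed sample: response headers as printed by curl -v in step 5.
sample_login_response() {
    cat <<'EOF'
< HTTP/1.1 200 OK
< Server: nginx/1.5.1
< Content-Type: text/html; charset=utf-8
< X-Powered-By: CppCMS/1.0.3
< Set-Cookie: cml_session=518b7fc5117e87bce28f2444; Max-Age=36000; Path=/; Version=1
<
EOF
}

sample_login_response | audit_set_cookie
```

Against a live response, pipe `curl -s -i ...` into `audit_set_cookie`; with -v the headers go to stderr, so add `2>&1`.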
