【问题标题】:How can I get CURL to correctly perform an HTTP/2 request?如何让 CURL 正确执行 HTTP/2 请求?
【发布时间】:2022-11-23 23:36:09
【问题描述】:

所以我想查询以下网址:http://mil.sagepub.com/content/17/2/227.short

情况如下:在 Chrome 或 Safari 等浏览器上,它将:

  1. 307 到https://mil.sagepub.com/content/17/2/227.short 然后
  2. 301 到 https://journals.sagepub.com/doi/abs/10.1177/03058298880170020901
  3. 返回 200

    在 cURL 上,它将:

    1. 307 到https://mil.sagepub.com/content/17/2/227.short
    2. 返回 503

      所以很自然地,我转到 Chrome 并将请求作为 bash cURL 命令复制到 https://mil.sagepub.com/content/17/2/227.short。我将其粘贴到 bash 中,得到一个 503。我尝试将 Safari 请求复制到与 bash cURL 命令相同的页面,还有一个 503。所以看起来两个 cURL 请求格式化为完美模仿浏览器请求返回 503。

      在我的 PHP cURL 选项上,我尝试并试验不同的选项,但它也只返回 503。所以我有 3 个不同的操作系统和 PHP 的 cURL 库获得 503 响应,而网络浏览器获得 200 OK 响应。

      这是我的 PHP 代码尝试使用 cURL 发送的传出请求:

      GET /content/17/2/227.short HTTP/2
      Host: mil.sagepub.com
      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36
      authority: mil.sagepub.com
      accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
      accept-encoding: gzip, deflate, br
      upgrade-insecure-requests: 1
      cache-control: max-age=0
      connection: keep-alive
      keep-alive: 300
      accept-charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
      accept-language: en-US,en;q=0.9,de;q=0.8
      dnt: 1
      sec-ch-ua: "Google Chrome";v="105", "Not)A;Brand";v="8", "Chromium";v="105"
      sec-ch-ua-mobile: ?0
      sec-ch-ua-platform: "Windows"
      sec-fetch-dest: document
      sec-fetch-mode: navigate
      sec-fetch-site: none
      sec-fetch-user: ?1
      

      设置所有 curl 选项并生成上述请求标头的方法如下:

      $url = "https://mil.sagepub.com/content/17/2/227.short"
      $full = true
      $tor = false
      $httpVersion = CURL_HTTP_VERSION_2_0 // HTTP/1.1 doesn't seem to work in this page
      $this->userAgent = "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36"
      $this->curlTimeoutFull = 60
      
      protected function getCurlOptions( $url, $full = false, $tor = false, $httpVersion = CURL_HTTP_VERSION_NONE ) {
              $requestType = $this->getRequestType( $url );
              if ( $requestType == "MMS" ) {
                  $url = str_ireplace( "mms://", "rtsp://", $url );
              }
              $options = [
                  CURLOPT_URL => $url,
                  CURLOPT_HEADER => 1,
                  CURLOPT_RETURNTRANSFER => true,
                  CURLOPT_AUTOREFERER => true,
                  CURLOPT_FOLLOWLOCATION => true,
                  CURLOPT_TIMEOUT => $this->curlTimeoutNoBody,
                  CURLOPT_SSL_VERIFYPEER => false,
                  CURLOPT_COOKIEJAR => sys_get_temp_dir() . "checkifdead.cookies.dat",
                  CURLOPT_HTTP_VERSION => $httpVersion,
                  CURLINFO_HEADER_OUT => 1
              ];
              if ( $requestType == "RTSP" || $requestType == "MMS" ) {
                  $header = [];
                  $options[CURLOPT_USERAGENT] = $this->mediaAgent;
              } else {
                  // Properly handle HTTP version
                  // Emulate a web browser request but make it accept more than a web browser
                  if ( in_array( $httpVersion, [CURL_HTTP_VERSION_1_0, CURL_HTTP_VERSION_1_1, CURL_HTTP_VERSION_NONE] ) ) {
                      $header = [
                          // @codingStandardsIgnoreStart Line exceeds 100 characters
                          'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9',
                          // @codingStandardsIgnoreEnd
                          'Accept-Encoding: gzip, deflate, br',
                          'Upgrade-Insecure-Requests: 1',
                          'Cache-Control: max-age=0',
                          'Connection: keep-alive',
                          'Keep-Alive: 300',
                          'Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7',
                          'Accept-Language: en-US,en;q=0.9,de;q=0.8',
                          'Pragma: '
                      ];
                  } elseif ( in_array( $httpVersion, [CURL_HTTP_VERSION_2, CURL_HTTP_VERSION_2_0, CURL_HTTP_VERSION_2_PRIOR_KNOWLEDGE, CURL_HTTP_VERSION_2TLS] ) ) {
                      $parsedURL = $this->parseURL( $url );
                      $header = [
                          'authority: ' . $parsedURL['host'],
                          //':method: get',
                          //':path: ' . $parsedURL['path'],
                          //':scheme: ' . strtolower( $parsedURL['scheme'] ),
                          // @codingStandardsIgnoreStart Line exceeds 100 characters
                          'accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9',
                          // @codingStandardsIgnoreEnd
                          'accept-encoding: gzip, deflate, br',
                          'upgrade-insecure-requests: 1',
                          'cache-control: max-age=0',
                          'connection: keep-alive',
                          'keep-alive: 300',
                          'accept-charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7',
                          'accept-language: en-US,en;q=0.9,de;q=0.8',
                          'dnt: 1'
                      ];
                      if ( $requestType == "HTTPS" ) {
                          $header[] = 'sec-ch-ua: "Google Chrome";v="105", "Not)A;Brand";v="8", "Chromium";v="105"';
                          $header[] = 'sec-ch-ua-mobile: ?0';
                          $header[] = 'sec-ch-ua-platform: "' . $this->getRequestPlatform() . '"';
                          $header[] = 'sec-fetch-dest: document';
                          $header[] = 'sec-fetch-mode: navigate';
                          $header[] = 'sec-fetch-site: none';
                          $header[] = 'sec-fetch-user: ?1';
                      }
                  }
                  if ( $this->customUserAgent === false ) {
                      $options[CURLOPT_USERAGENT] = $this->userAgent;
                  } else {
                      $options[CURLOPT_USERAGENT] = $this->customUserAgent;
                  }
              }
              if ( $requestType == 'FTP' ) {
                  $options[CURLOPT_FTP_USE_EPRT] = 1;
                  $options[CURLOPT_FTP_USE_EPSV] = 1;
                  $options[CURLOPT_FTPSSLAUTH] = CURLFTPAUTH_DEFAULT;
                  $options[CURLOPT_FTP_FILEMETHOD] = CURLFTPMETHOD_SINGLECWD;
                  if ( $full ) {
                      // Set CURLOPT_USERPWD for anonymous FTP login
                      $options[CURLOPT_USERPWD] = "anonymous:anonymous@domain.com";
                  }
              }
              if ( $full ) {
                  // Extend timeout since we are requesting the full body
                  $options[CURLOPT_TIMEOUT] = $this->curlTimeoutFull;
                  $options[CURLOPT_HTTPHEADER] = $header;
                  if ( $requestType != "MMS" && $requestType != "RTSP" ) {
                      $options[CURLOPT_ENCODING] = 'gzip, deflate, br';
                  }
                  $options[CURLOPT_USERAGENT] = $this->userAgent;
              } else {
                  $options[CURLOPT_NOBODY] = 1;
              }
              if ( $tor && self::$torEnabled ) {
                  $options[CURLOPT_PROXY] = self::$socks5Host . ":" . self::$socks5Port;
                  $options[CURLOPT_PROXYTYPE] = CURLPROXY_SOCKS5_HOSTNAME;
                  $options[CURLOPT_HTTPPROXYTUNNEL] = true;
              } else {
                  $options[CURLOPT_PROXYTYPE] = CURLPROXY_HTTP;
              }
      
              return $options;
          }
      

      我的问题是,我在这里错过了什么?

【问题讨论】:

  • 这些网站很可能设置了在最终页面上检查过的 cookie。可能值得查看 CURLOPT_COOKIEFILE 选项并使用它来查看是否有帮助。
  • 我正是出于这个原因支持 cookie,但在这种特殊情况下,这不是原因。 :-(
  • 少了什么东西?您的 PHP curl 代码。那就是你的错误所在。如果我看不到它,我就帮不了你。
  • @Misunderstood 它也在 Bash 中发生。不仅仅是 PHP。从浏览器复制该 URL 的 curl 请求并将其粘贴到 bash 中。你会得到同样的错误。
  • 尽管如此,我已将定义所有 CURL 选项的方法添加到上述问题中。返回值通过 curl_setopt_array 直接传递到 curl 句柄中。

标签: php http curl https http2


【解决方案1】:

不幸的是,这似乎是 CloudFlare 使用 TLS 指纹来区分 cURL 请求和实际浏览器。不太可能存在解决此问题的方法。如果我在这里错了,请纠正我。

【讨论】:

  • 我从来没有遇到过这个问题。但如果我这样做了,我会尝试使用他们不太可能拥有个人资料的用户代理。这是我会使用的一个 UA:"User-Agent: MOT-V9mm/00.62 UP.Browser/6.2.3.4.c.1.123 (GUI) MMP/2.0"; 这是第一批具有互联网功能的摩托罗拉手机之一。这是一个真正的UA。你可能错了,看我的回答。
【解决方案2】:

更新
昨晚我没时间看 HTML。现在我有,这是令人失望的。我花了更多时间查看 HTML。它是 Cloudflare“正在检查安全性”消息的 HTML。
我检索了响应标头。这是一个 503 响应。
我的 curl 没有安全证书,现在也没有时间安装。

这将是一个挑战。我希望我现在有更多时间,因为我喜欢挑战。我可能会在不久的将来(几周/几个月)处理这个问题。

如果您要继续,您可能需要其中一些卷曲选项。

CURLOPT_CAINFO / CURLOPT_CAPATH开始

CURLINFO_SSL_VERIFYRESULT
CURLINFO_HTTPAUTH_AVAIL
CURLOPT_HTTPAUTH the HTTP authentication method(s) to use.
CURLINFO_SSL_ENGINES
CURLINFO_CERTINFO true to output SSL certification information to STDERR on secure transfers
CURLINFO_APPCONNECT_TIME

CURLINFO_REDIRECT_COUNT -
CURLINFO_REDIRECT_URL
CURLINFO_EFFECTIVE_URL
Options
CURLOPT_UNRESTRICTED_AUTH
CURLOPT_SSLVERSION Your best bet is to not set this and let it use the default
CURLOPT_SSL_OPTIONS
CURLOPT_KEYPASSWD
CURLOPT_PINNEDPUBLICKEY
CURLOPT_SSH_PRIVATE_KEYFILE 
CURLOPT_CAPATH A directory that holds multiple CA certificates
CURLOPT_CAINFO The name of a file holding one or more certificates to verify the peer with. 
CURLOPT_SSL_VERIFYHOST 0 to not check the names. 1 should not be used. 2 to verify that a Common Name field 
CURLOPT_SSL_VERIFYPEER  false to stop cURL from verifying the peer's certificate. 
CURLOPT_SSL_VERIFYSTATUS  true to verify the certificate's status. 
CURLOPT_CERTINFO true to output SSL certification information to STDERR on secure transfers. 
CURLOPT_FRESH_CONNECT   true to force the use of a new connection instead of a cached one. 
CURLOPT_SSL_ENABLE_NPN
CURLOPT_SSL_ENABLE_ALPN
CURLOPT_SSL_FALSESTART  true to enable TLS false start 
CURLOPT_SSH_AUTH_TYPES
CURLOPT_LOGIN_OPTIONS
CURLOPT_SSL_CIPHER_LIST
CURLOPT_SSLCERTPASSWD
CURLOPT_SSLKEY
CURLOPT_SSLENGINE
CURLOPT_SSLKEYPASSWD
CURLOPT_SSLKEYTYPE
CURLOPT_SSL_CIPHER_LIST
CURLOPT_SSH_PRIVATE_KEYFILE

这些是 SSL 安全错误代码。

CURLE_SSL_CONNECT_ERROR (35)
CURLE_SSL_ENGINE_NOTFOUND (53)
CURLE_SSL_ENGINE_SETFAILED (54)
CURLE_SSL_CERTPROBLEM (58)
CURLE_SSL_CIPHER (59)
CURLE_PEER_FAILED_VERIFICATION (60)
CURLE_SSL_ENGINE_INITFAILED (66)
CURLE_LOGIN_DENIED (67)
CURLE_SSL_CACERT_BADFILE (77)
CURLE_SSH (79)
CURLE_SSL_CRL_BADFILE (82)
CURLE_SSL_ISSUER_ERROR (83)
CURLE_SSL_PINNEDPUBKEYNOTMATCH (90)
CURLE_SSL_INVALIDCERTSTATUS (91)
CURLE_AUTH_ERROR (94)
CURLE_SSL_CLIENTCERT (98)

响应头

HTTP/2 503 
date: Fri, 07 Oct 2022 23:36:20 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referer-policy: same-origin
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
set-cookie: __cf_bm=ephtbgHn7LX95.n_3NjMptBv8PFRRJP_6xtBw_9Ci0A-1665185780-0-ATjw+AOJfmTzUGIfBhlg8p6scov6AoznbSauiS3ofTN6KYEebpn4p+k3lU+5l6zZRwENm0kYDHa9zptcfePujs8=; path=/; expires=Sat, 08-Oct-22 00:06:20 GMT; domain=.sagepub.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 756a755a18e95e68-TPA

更新结束


我尝试了下面的卷曲,它似乎起作用了。

当我使用此标头时,它不起作用。

header("Content-Type: text/html; UTF-8");

注意下面的 header() 。

<?php
header("Content-Type: text/plain; UTF-8");
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://journals.sagepub.com/doi/abs/10.1177/03058298880170020901');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');
curl_setopt($ch, CURLOPT_HTTPHEADER, [
    'User-Agent' => 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:106.0) Gecko/20100101 Firefox/106.0',
    'Accept' => 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8',
    'Accept-Language' => 'en-US,en;q=0.5',
    'Accept-Encoding' => 'gzip, deflate, br',
    'DNT' => '1',
    'Connection' => 'keep-alive',
    'Upgrade-Insecure-Requests' => '1',
    'Sec-Fetch-Dest' => 'document',
    'Sec-Fetch-Mode' => 'navigate',
    'Sec-Fetch-Site' => 'cross-site',
    'Pragma' => 'no-cache',
    'Cache-Control' => 'no-cache',
]);
curl_setopt($ch, CURLOPT_COOKIE, 'JSESSIONID=aaaf4hNAtZPHz_3k0KSoy; SERVER=lZreQKWihabND4/rEplMDWnYKk2egCfX; __cf_bm=PzjJU2qBrjwilfLqClzWC.zRk49hsY6b7e4F8WtMiMA-1665105299-0-AYf2x4A2SmmdyIQGUHAY0jdkGZtI3qyt3W48WENOL6tGZLEYJ/IqcD5GAWn10V5J+khYliOD7yhKrtVlGXwpawI=; MAID=cqVoyumi6JY4MYyiVyj//w==; MACHINE_LAST_SEEN=2022-10-06T18%3A15%3A00.400-07%3A00; usprivacy=1Y--');

$response = curl_exec($ch);
echo $response;

这是回应

<!DOCTYPE html>
<html lang="en-US">
<head>
    <title>Just a moment...</title>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    <meta http-equiv="X-UA-Compatible" content="IE=Edge" />
    <meta name="robots" content="noindex,nofollow" />
    <meta name="viewport" content="width=device-width,initial-scale=1" />
    <link href="/cdn-cgi/styles/challenges.css" rel="stylesheet" />
    <meta http-equiv="refresh" content="35">

</head>
<body class="no-js">
    <div class="main-wrapper" role="main">
    <div class="main-content">
        <h1 class="zone-name-title h1">
            <img class="heading-favicon" src="/favicon.ico"
                 onerror="this.onerror=null;this.parentNode.removeChild(this)" />
            journals.sagepub.com
        </h1>
        <h2 class="h2" id="challenge-running">
            Checking if the site connection is secure
        </h2>
        <noscript>
            <div id="challenge-error-title">
                <div class="h2">
                    <span class="icon-wrapper">
                        <div class="heading-icon warning-icon"></div>
                    </span>
                    <span id="challenge-error-text">
                        Enable JavaScript and cookies to continue
                    </span>
                </div>
            </div>
        </noscript>
        <div id="trk_jschal_js" style="display:none;background-image:url('/cdn-cgi/images/trace/jsch/nojs/transparent.gif?ray=7562d7b24c405e68')"></div>
        <div id="challenge-body-text" class="core-msg spacer">
            journals.sagepub.com needs to review the security of your connection before proceeding.
        </div>
        <form id="challenge-form" action="/doi/abs/10.1177/03058298880170020901?__cf_chl_f_tk=2isUlGhlWW3V2j9Kjj8DwMFDI2e5zBKVHQMe3nobTys-1665105922-0-gaNycGzNCOU" method="POST" enctype="application/x-www-form-urlencoded">
            <input type="hidden" name="md" value="PQaRto6SpdNW5tB2CzRq9tnhClVf9vWYghzKuRjDWOQ-1665105922-0-AeraO7jbF6VbQcW0RvUhPT1qfbCcUTYiREg7FWQynA4OVtiTbls-NlCSXpbPLK_-bVRyI6_Wphk1k1XY_lxg0MVXMZ2tT5RmeYGnJYD5T-de61VfREEcZtpE5oaFnFmWVY38q9TYjq1CllDiszTadCdO-j4yvW51pLjc-LT8Z4OIHRgA1TG92oykPVkBoKgUcuUVGpZhsklb5S7Mz5h31OlmT8X_oMpHigkNwFWCVnuxl5_6FePRATc-hGFOYs6YFMu6P2GlAOigwfjRBmYi1ftmoQqBXK7wmb9HHmzrz1_BurTIQMFZyL-GExcvzgMud539jGN1mhQMiEfA44cezwbDBCp_TZLvF0l4_jx6ON49_M1aKzD3uM0Y7AO7WY7RnoED4ljPYcBvOQJyIF0QY_LLCZPoApA2pP4ku8J3uHa1ziS_fL6vOJD-cEkHMKMEFWMoOYCNYVQg1z_x0k7Pj2O_7svXqMyqk990LloFkmezlHPnw7k58EE8A8-KZavGjKAZnVKI4nZ5Kgr1ng8IDwsk64EiblwOTmvQoGBDObBxNI5QKmHY1of7zyaSlv233SzrJpn1JMP8o1gqtIVkQKTsV5cz8RQ59Zdrfc30zJhtc0R4REKiX7KaQ6hfmoZQLkuocj_TIF1cFYcF_UD_sl1gqV4pKejaZXtYc-zScMFCQBBPlgRIN3z2QD47WFCBR8-AQWgq2mkxE8GvbfwgoBw" />
            <input type="hidden" name="r" value="4ga_OQoCt0ZP_Qytdr9ME00oPYmCHboqWnNiiVPIL4o-1665105922-0-AQ5V/dQHa2NaMlQDJ3v4D9IAB2MuFm30IpZKei7Z4tI9fCuFXT0VWdD+l9FshGYx5YBz5u86Ym5/ZKwJaw3A93MqGZzKysYqp2BUPENx8Tbm0XGZpI0s6SBb+AgVwnSbe0uKK28RBHYsTCTA2JX0Op5rWLvJT0o7G0UBkwBjoBwBYUGB4zcrPpGUBFZW4izVLm4kSdkkpKs7/n3/1nvIIfmEWBCm1Z6IoLhPFIan4aKMhymO96qSKt25TAhtBzNt/dv/r9iTb06EGlsF3r2CEUmlDP1VBjo9jYqIEiR9/5tiifCQ52JKHJZmOLuH0lqwicWNISfCvhrzMtdWKpUW3hSCnSNlSIr6x0H+ny4NFK8hg0y/b1Y4oFsqG9h4mXK9QDojLMiK4kK6/yz1a3snUe58xad4x8McL6JlqHFFUWzWxrs1IfQpUFBUSYnD12h0h00QyErge5qIb1ufZpaz/M+hiODNQhsj0NQPsWjrZ6RW0RAElJhgWn3/gLa/+BEuWxQc/raT6pxjNiMZLPAYV/H5B7q5hp2LBFBBaK4rH3QHxxunPlyrYAyPI9ke7Hqhwceliv31viTrVOuHeqkpw1zenp/6gz6N4ZdQqEMY/G2/5/cXsUSIPaAoB2TNYWcHJchtCJ8ANeikiNw7Wopo8CB54D48zrkYtu9Me3FMVBuPMNonvZy/uHnPGqqd67yYcR4ZqN0ceol85dYitQbExdz3Atr7civtdDD5Peu9ToRRpM+Jq1cKt9m8cLuNldf8WEIR7il1ugLhV4f8Q2xG/AuB1S2WoDwx5RqrUf2XWPdo3DVuk/W1+5wN/TWp0wMiiwk1xYk5LwReuP+YilaIkkPnJIAEUCpkR+/e0pHS/ceUu4Khx7X1Fw/WTTITU+bJ+3cUmvV9Vc1IEluULfeuBWylZ3fsW7qfeBIaJA6/1KtJFXPD7ggh0dees5jQrk0t2k0BkbCGcHsKS1PKL86BM5IzQAs5jk9bzxJC13J91iCB09kj7+gHnbvSniAw+luNAFZEQ1Ipt239rMWmSeSrDrQA/TyuETkl5WLvLY6LOYgmb6JQDRLtacWeqPt7U45e5OsCpUrdWcwTQR1K1yHh/DY8e9627S7ZhWpBcOPbfsvO9JOkTJqn2am/TWa2V0VbSNSHvdW2WmNnz8yLXTlo5L+QzGFTf06ywJV7luXHaTRAskV6qsaTl/5oYPmG+oH5sffEo8jr+xZ6iRYbgDMAn1Bo3O3IgFKidTpGcQ7GBfkBcvP2NUpqVq41rcHnmgyDLrru1Zi5ZTFir4iw7JMOYw9YNNw0Qy4iCLiFdFpuQaBjJC0faS890a+jjnsQvf9el/aDgrXkrGWlgvUn4EITE5Jc5b2XIm15DKCOqLJEdojUAgKdoxrQxoYYxsLVlbN8/eRB8Cuxus/BGH3Kxhbf3w8moEnyrvh+ZjzuSiEaYZYJx7I1mTJbLSdUyp74w5exEyX7U3h+1PCT4nd2tY5cS5teMVxmu+Q3Q8UFe7fsN49eMaGh1ggLScCH0zZtnt5Oms6lehrg8WfFdiaWWEvLTLEExO61IsGIWnWxcbh/cY1qeiD5E2W3RYei+XTsRb5kwFKilD248c159QJCepcGM0YZL7Ax6o0Bw4z5iDc+P5tJZN1qBIful2NJ40FF4jM+oDwf+8AzsxNilVoubBZvpB3qunvjMavbw3GoBPIDGi8gn19JznYK1Ccq+p/OAysjqpONhwB5vihBskpp6c5UZMIMXxGkfxGfKBzhO+JE/hvPvT9d4e/QpjOIBBT9tEIaSfatD1SBhVOR/n+qTCm0cEzJSfby6juHsIGi5lCBgIcngT5zx1bIFcDlxTBcFerq1W4sB61W0XFBgfj8z4uymavOlU5wnm8+y7yA0cHtZBfH08yqhg4zTKrM4iXzdfqmkqaYbxMT1x8unIezyqYCSvprrsYWmgNBlaDjDwvgAGGR9EPVg8LNDd9vA7F+zwNrVuHlwMB4XBRGoEUFd/3LAr5agzDY5fqqAVd3p2T6gHAVBOcaTPZHzNMuOdCQucaWq/keg9x3raSCFQcEXRMaS63uMB7tkScU+V8AAMooLVY+5Cc801G6pHfT8g/O4Ykd7hpQIFysIzRzYn4tzZzR/kXPLNZw+ISkbArswMfw12ICoChRWiWkoe8GB/bCUuplxv0K4GDaxZLzcrrKYyo73g4+EAMCJl3LapBmso6dEo1J"/>
        </form>
    </div>
</div>
<script>
    (function(){
        window._cf_chl_opt={
            cvId: '2',
            cType: 'non-interactive',
            cNounce: '61335',
            cRay: '7562d7b24c405e68',
            cHash: '10218f759e4ab19',
            cUPMDTk: "/doi/abs/10.1177/03058298880170020901?__cf_chl_tk=2isUlGhlWW3V2j9Kjj8DwMFDI2e5zBKVHQMe3nobTys-1665105922-0-gaNycGzNCOU",
            cFPWv: 'b',
            cTTimeMs: '1000',
            cTplV: 4,
            cTplB: 'cf',
            cRq: {
                ru: 'aHR0cHM6Ly9qb3VybmFscy5zYWdlcHViLmNvbS9kb2kvYWJzLzEwLjExNzcvMDMwNTgyOTg4ODAxNzAwMjA5MDE=',
                ra: '',
                rm: 'R0VU',
                d: 'hUB8qW1/Rbwx33YUzcVMTqUu+pyyMH1g4rZFyeT71nouHfNa/kZzFRdfCTOxboH8qp84VRepH5UjSKXMIbGKvMYDMxYCMhms0yymP/QQVIWQyGHD19wnRWegLpiSX4mWkM/LS30eF/16qC+eEte4h6V1m/FL2qCQXsFqA9bhdq8v5IZ8soop1L7Mpzr6cCI/7rE4kJrxYtSBsrAdBN+zf9uZQpKszC1++hNaGtkek7bSSe5Ouuq6ilnV1PY+uC5bpilAe4B7rDxtBabC6JKwQ79AobM0TqDR99geXWC/ratOOAJHek7aV0bq3wdLJywqaCRNQ731sg/oLws049U9s9xh93wz8hlpAXqZQ7v/hItjco/USW4JsmwHidUFLWBM1d7HSLLVFdGSw7rAs9QG0mRv22jNCwH2A2PPlW0vQJKZ8VBwJjbL6a3oPXkDsp7l9UhV7a7Fu2gP/+vErmH7JsbWj+4thWgCSGhCwRiUuX1R1yvoMM+PE3WbV1Mg3UZeshibgBXZXzoxN+KEk9QXa9mL2FBqEc0m5k73uNgvl5PlpDCQLkXW1edTJFpwgxUqoNl/Cv2DbT8o9gyhxVcvmg==',
                t: 'MTY2NTEwNTkyMi45NDIwMDA=',
                m: 'uhMFR0Zz2KvO1IklAUNSaC4Dp7dCmCc5//+PPZeITRY=',
                i1: '00a08NzJ+5CkmeYGE9ULuA==',
                i2: '05tMwHIIyy7WJUV2JWbeXA==',
                zh: 'gw7YMdbZ1M4iQ6cbqLPC730Ml6kaQ+3i4OTRjaElasU=',
                uh: 'DV4j3Tmrbi5Rs1q3ahwVS6SgbPbI7np5884QO1u1Cgg=',
                hh: 'c9ogzZPyf3xtUVOiYSAQbEsbym/d5b1rPQM2Rm/OUTE=',
            }
        };
        var trkjs = document.createElement('img');
        trkjs.setAttribute('src', '/cdn-cgi/images/trace/jsch/js/transparent.gif?ray=7562d7b24c405e68');
        trkjs.setAttribute('style', 'display: none');
        document.body.appendChild(trkjs);
        var cpo = document.createElement('script');
        cpo.src = '/cdn-cgi/challenge-platform/h/b/orchestrate/jsch/v1?ray=7562d7b24c405e68';
        window._cf_chl_opt.cOgUHash = location.hash === '' && location.href.indexOf('#') !== -1 ? '#' : location.hash;
        window._cf_chl_opt.cOgUQuery = location.search === '' && location.href.slice(0, -window._cf_chl_opt.cOgUHash.length).indexOf('?') !== -1 ? '?' : location.search;
        if (window.history && window.history.replaceState) {
            var ogU = location.pathname + window._cf_chl_opt.cOgUQuery + window._cf_chl_opt.cOgUHash;
            history.replaceState(null, null, "/doi/abs/10.1177/03058298880170020901?__cf_chl_rt_tk=2isUlGhlWW3V2j9Kjj8DwMFDI2e5zBKVHQMe3nobTys-1665105922-0-gaNycGzNCOU" + window._cf_chl_opt.cOgUHash);
            cpo.onload = function() {
                history.replaceState(null, null, ogU);
            };
        }
        document.getElementsByTagName('head')[0].appendChild(cpo);
    }());
</script>

    <div class="footer" role="contentinfo">
        <div class="footer-inner">
            <div class="clearfix diagnostic-wrapper">
                <div class="ray-id">Ray ID: <code>7562d7b24c405e68</code></div>
            </div>
            <div class="text-center">Performance &amp; security by <a rel="noopener noreferrer" href="https://www.cloudflare.com?utm_source=challenge&utm_campaign=j" target="_blank">Cloudflare</a></div>
        </div>
    </div>
</body>
</html>



使用 header("Content-Type: text/html; UTF-8"); 我得到了这个:

【讨论】:

  • 您得到的 HTTP 代码是什么?
  • 不幸的是 503。我在我的答案中添加了标题。这不是一个容易的项目。如果这是我的项目,它需要价值数千美元。我相信这是可以做到的。我的经验是,如果我可以在禁用 JavaScript 的情况下在我的浏览器中查看页面,我可以使用 curl 获取它。我有一些项目需要几天时间才能破解。我希望我有更多的时间。我很想破解 Cloudflare 的安全性。
【解决方案3】:

如果这里的问题实际上TLS 指纹识别然后使用 HTTP 代理,如 mitmproxyHTTP ToolkitNaïveProxy可能是一种可能的解决方法,但我还没有进行任何测试。有关详细信息,请参阅讨论 herehere

【讨论】:

    猜你喜欢
    • 1970-01-01
    • 2015-03-23
    • 2012-03-15
    • 2019-02-01
    • 1970-01-01
    • 2016-10-01
    • 1970-01-01
    • 1970-01-01
    • 2012-11-26
    相关资源
    最近更新 更多