将 indy 用于带有 session/cookie 的 https

Question

我正在尝试使用 Indy 使用以下代码创建 HTTP 会话：

var
  idHttp1 : TidHttp;
  lIOHandler: TIdSSLIOHandlerSocketOpenSSL;
  idCookie : TIdCookieManager;
  Initalized : boolean;

procedure InitSession;
begin
  Initalized := True;
  try
    idHttp1 := TIdHTTP.Create(nil); //the variables are declared globally
    lIOHandler := TIdSSLIOHandlerSocketOpenSSL.Create(nil);
    idCookie := TIdCookieManager.Create(nil);

    idHttp1.Request.UserAgent := 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Trident/6.0)';
    idHttp1.Request.Referer := 'https://www.parts.bmwgroup.com/';
    idHttp1.Request.AcceptLanguage := 'de';
    idHttp1.ConnectTimeout := 10000;
    idHttp1.ReadTimeout := 10000;
    idHttp1.Response.KeepAlive := true;
    idHttp1.IOHandler := lIOHandler;

    idHttp1.HandleRedirects := true;
    idHttp1.CookieManager := idCookie;
    idHttp1.AllowCookies := true;

    ShowMessage(IntToStr(idCookie.CookieCollection.Count));
  except
    Initalized := False;
  end;
end;

然后我这样做是为了创建用于登录网站的新会话 ID：

begin
  ...
  s := IdHTTP1.Get('https://www.parts.bmwgroup.com/tetis/index.jsp?DOMAIN=Internet');
end

当我从网站获得会话时，我尝试登录：

begin
  ...
  s := IdHTTP1.Get('https://www.parts.bmwgroup.com/tetis/startTetisAction.do?LOGON_USERID=XXXXXXXX&LOGON_PASSWD=XXXXXXXX');
end

现在，当我尝试使用实习生内容时，我收到如下 HTTP 消息：

<html>
<head>



<script language="JavaScript">
function zeigeLogin ()
{


        open ("/tetis/startTetisAction.do","TeTIS");

}
</script>
<title>Aftersales Assistance Portal ASAP</title>
<link rel="STYLESHEET" type="text/css" href="/tetis/css/content.css">
</head>

<body link="#003399" vlink="#666666" alink="#003399">
  <table border="0" cellspacing="0" cellpadding="0">
<tr>
    <td class="hl1">Aftersales Assistance Portal ASAP</td>
</tr>
<tr> 
    <td class="hl2">Ihre Session ist ungultig.<BR>Bitte melden Sie sich neu an.<BR>
    <BR>
    <a href="javascript:zeigeLogin()" class="h12red9">&gt; Login</a></td>
    </td>
</tr>
</table>
</body>
</html>

为什么我的会话不起作用？

Answer 1

您没有正确登录。

当您在网络浏览器中访问https://www.parts.bmwgroup.com/tetis/index.jsp?DOMAIN=Internet 时，它会显示一个弹出窗口，其中包含一个 HTML 登录表单。然后使用POST 请求将该登录表单提交到服务器，但您使用GET 请求发送登录凭据。

当我尝试时，以下内容对我有用：

var
  idHttp1 : TIdHTTP = nil;
  Initialized : Boolean = False;

procedure InitSession;
begin
  try
    idHttp1 := TIdHTTP.Create(nil);
    idHttp1.IOHandler := TIdSSLIOHandlerSocketOpenSSL.Create(IdHttp1);
    idHttp1.CookieManager := TIdCookieManager.Create(IdHttp1);

    idHttp1.ConnectTimeout := 10000;
    idHttp1.ReadTimeout := 10000;
    idHttp1.HandleRedirects := true;
    idHttp1.AllowCookies := true;

    idHttp1.Request.UserAgent := 'Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Trident/6.0)';
    idHttp1.Request.AcceptLanguage := 'de';
    idHttp1.Request.Connection := 'Keep-Alive';

    Initialized := True;
  except
    Initialized := False;
  end;
end;

begin
  ...
  idHttp1.Request.Referer := 'https://www.parts.bmwgroup.com/';
  s := IdHTTP1.Get('https://www.parts.bmwgroup.com/tetis/index.jsp?DOMAIN=Internet');
end

begin
  ...
  idHttp1.Request.Referer := 'https://www.parts.bmwgroup.com/tetis/index.jsp?DOMAIN=Internet';
  s := IdHTTP1.Get('https://www.parts.bmwgroup.com/tetis/startTetisAction.do?DOMAIN=Internet');
end

var
  PostParams: TStringList;
begin
  ...
  PostParams := TStringList.Create;
  try
    PostParams.Add('LOGON_USERID=XXXXXXXX');
    PostParams.Add('LOGON_PASSWD=XXXXXXXX');

    IdHttp1.Request.Referer := 'https://www.parts.bmwgroup.com/tetis/startTetisAction.do?DOMAIN=Internet';
    s := IdHTTP1.Post('https://www.parts.bmwgroup.com/tetis/startTetisAction.do', PostParams);
  finally
    PostParams.Free;
  end;
end