ByetHost server passing html values “Checking your browser” with JSON String
While trying to parse json string to android, HTML values are passed. Before a day all was working good, and suddenly my app start crashing when trying to fetch database wit
-
I should add the following as answer as it is the workaround to bypass the above problem. Posting as it might help someone:
This problem can be solved by simply writing exit(); in the php file at the last executable statement. This will exit the php file and will not append the text. eg.
<?php include('config.php'); date_default_timezone_set("Asia/Calcutta"); $result1 = mysqli_query($con,"SELECT * FROM `pj_medionline_mst_stockist` ORDER BY `pj_medionline_mst_stockist`.`ID` ASC "); $response = array(); $posts = array(); while($row=mysqli_fetch_array($result1)) { $id =$row["ID"]; $stkcode =$row["stkcode"]; $comName =$row["ComName"]; $operatorid =$row["operatorid"]; $password =$row["Password"]; $posts[] = array('id'=>$id, 'stkcode'=>$stkcode, 'stkname'=>$comName, 'operatorid'=>$operatorid, 'password'=>$password); } $response['stokist'] = $posts; print(json_encode($response)); exit(); ?>讨论(0) -
This is a newly introduced bot detection feature on free hosting to prevent unwanted bots. This only appears upon first visit to the page.
For example /upper_respiratory_infection.htm?ckattempt=1 has been registered 37 times by my web analytics between Aug 8 and Aug 11. It is creating havoc with my web analytics since I am now collecting two sets of data for each page (one with and one without CKattempt=1, and a few even carrying the add-on CKattempt=2)
This can not be removed unfortunately
for more detail
讨论(0) -
Solved!
I had the same issue using Byethost to retrieve JSON data from my PHP server. We just need to add a cookie to the HTTP request to pass the testcookie-nginx-module
As Richard's answer says:
The main problem is that Byet Host implement a simple security antibots module >named testcookie-nginx-module
https://kyprizel.github.io/testcookie-nginx-module/
On the link he provided we can see that the testcookie-nginx-module makes a 2-steps validation:
- The first time that a HTTP request is done, the module returns a javascript instead of the JSON we are expecting. This script is executed on the client (tipically a web browser) and generates a validation cookie containing an AES key.
Here's the script I've received form my server:
<html> <body> <script type="text/javascript" src="/aes.js" ></script> <script> function toNumbers(d){ var e=[]; d.replace(/(..)/g,function(d){ e.push(parseInt(d,16))}); return e } function toHex(){ for(var d=[],d=1==arguments.length&&arguments[0].constructor==Array?arguments[0]:arguments,e="",f=0;f<d.length;f++) e+=(16>d[f]?"0":"")+d[f].toString(16); return e.toLowerCase() } var a=toNumbers("f655ba9d09a112ffff8c63579db590b4"), b=toNumbers("98344c2eee86c3ffff90592585b49f80"), c=toNumbers("1286963467aa92ffff8323bdca0d7be9"); document.cookie="__test="+toHex(slowAES.decrypt(c,2,a,b))+"; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/"; location.href="http://myserver.byethost8.com/myPhpPage.php?i=1"; </script> <noscript>This site requires Javascript to work, please enable Javascript in your browser or use a browser with Javascript support</noscript> </body>- The script adds the validation cookie to the document and redirects it to the url we actually want to access. The testcookie-nginx-module validates the cookie AES key and and let the request hit the url that will response with the JSON data we want to access.
On the following HTTP requests the client will have stored the cookie and will add it to the request skipping the step 1.
Solution for our Android App
We are going to skip the cookie generation by getting it from a web browser and add it directly to our Android HTTP request (Unless of course you want to get involved in generating it).
Before you get the cookie from the web browser make sure you accessed the url at least once with the browser to generate it.
Getting the cookie key from the web browser. I used Google Chrome for it:
- From the Chrome menu in the top right corner of the browser, select Settings.
- At the bottom of the page, click Show advanced settings....
- Under Privacy, select Content settings....
- select All cookies and site data....
- Search for you website name. By searching "byethost" you'll find it.
- Open the cookie named __test and copy the values of content, path and expires
Setting the cookie on our Android app. On your code should be something like:
try { if(post == "POST") { HttpClient httpClient = new DefaultHttpClient(); HttpPost httpPost = new HttpPost(loginUrl); httpPost.setEntity(new UrlEncodedFormEntity(para)); httpPost.setHeader("User-Agent","Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240 "); httpPost.addHeader("Cookie", "__test=THE_CONTENT_OF_YOUR_COOKIE_HERE; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/"); HttpResponse httpResponse = httpClient.execute(httpPost); HttpEntity httpEntity = httpResponse.getEntity(); is = httpEntity.getContent(); } else if(post == "GET") { HttpClient httpClient = new DefaultHttpClient(); String paramString = URLEncodedUtils.format(para, "utf-8"); loginUrl += "?" + paramString; HttpGet httpGet = new HttpGet(loginUrl); httpGet.addHeader("Cookie", "__test=THE_CONTENT_OF_YOUR_COOKIE_HERE; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/"); HttpResponse httpResponse = httpClient.execute(httpGet); HttpEntity httpEntity = httpResponse.getEntity(); is = httpEntity.getContent(); } }
And that's it. Now every time the app makes an HTTP request it will include the cookie to pass the testcookie-nginx-module and will be retrieving your JSON data.
I hope this helps and is not too late.
Regards
讨论(0) -
The main problem is that Byet Host implement a simple security antibots module named testcookie-nginx-module
https://kyprizel.github.io/testcookie-nginx-module/
This make your app crash
讨论(0)
加载中...
- 热议问题