ByetHost 服务器传递 html 值 "Checking your browser" 和 JSON 字符串

ByetHost server passing html values "Checking your browser" with JSON String

在尝试将 json 字符串解析为 android 时,传递了 HTML 值。 前一天一切正常,突然我的应用程序在尝试借助 php 文件获取数据库时开始崩溃。

当我检查时注意到 html 值.. 见 logcat

08-10 01:09:55.814: E/result(6744): <html><body><h2>Checking your browser..<h2><script type="text/javascript" src="/aes.js" ></script><script>function toNumbers(d){var e=[];d.replace(/(..)/g,function(d){e.push(parseInt(d,16))});return e}function toHex(){for(var d=[],d=1==arguments.length&&arguments[0].constructor==Array?arguments[0]:arguments,e="",f=0;f<d.length;f++)e+=(16>d[f]?"0":"")+d[f].toString(16);return e.toLowerCase()}var a=toNumbers("f655ba9d09a112d4968c63579db590b4"),b=toNumbers("98344c2eee86c3994890592585b49f80"),c=toNumbers("7965e114a1dccaf35af3756261f75ad8");document.cookie="__test="+toHex(slowAES.decrypt(c,2,a,b))+"; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/";location.href="http://realroom.byethost24.com/medical/stokist.php?ckattempt=1";</script></body></html>
08-10 01:09:55.814: E/JSON Parser(6744): Error parsing data org.json.JSONException: Value <html><body><h2>Checking of type java.lang.String cannot be converted to JSONObject
08-10 01:09:55.816: E/AndroidRuntime(6744): FATAL EXCEPTION: AsyncTask #1
08-10 01:09:55.816: E/AndroidRuntime(6744): Process: com.example.medionline, PID: 6744
08-10 01:09:55.816: E/AndroidRuntime(6744): java.lang.RuntimeException: An error occured while executing doInBackground()
08-10 01:09:55.816: E/AndroidRuntime(6744):     at android.os.AsyncTask.done(AsyncTask.java:304)
08-10 01:09:55.816: E/AndroidRuntime(6744):     at java.util.concurrent.FutureTask.finishCompletion(FutureTask.java:355)
08-10 01:09:55.816: E/AndroidRuntime(6744):     at java.util.concurrent.FutureTask.setException(FutureTask.java:222)
08-10 01:09:55.816: E/AndroidRuntime(6744):     at java.util.concurrent.FutureTask.run(FutureTask.java:242)
08-10 01:09:55.816: E/AndroidRuntime(6744):     at android.os.AsyncTask$SerialExecutor.run(AsyncTask.java:231)
08-10 01:09:55.816: E/AndroidRuntime(6744):     at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1112)
08-10 01:09:55.816: E/AndroidRuntime(6744):     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:587)
08-10 01:09:55.816: E/AndroidRuntime(6744):     at java.lang.Thread.run(Thread.java:818)
08-10 01:09:55.816: E/AndroidRuntime(6744): Caused by: java.lang.NullPointerException: Attempt to invoke virtual method 'java.lang.String org.json.JSONObject.toString()' on a null object reference
08-10 01:09:55.816: E/AndroidRuntime(6744):     at com.example.medionline.All_supplier_list$FetchMFG.doInBackground(All_supplier_list.java:182)
08-10 01:09:55.816: E/AndroidRuntime(6744):     at com.example.medionline.All_supplier_list$FetchMFG.doInBackground(All_supplier_list.java:1)
08-10 01:09:55.816: E/AndroidRuntime(6744):     at android.os.AsyncTask.call(AsyncTask.java:292)
08-10 01:09:55.816: E/AndroidRuntime(6744):     at java.util.concurrent.FutureTask.run(FutureTask.java:237)
08-10 01:09:55.816: E/AndroidRuntime(6744):     ... 4 more

我在 byethost 服务器上托管的所有页面都会发生这种情况,而在其他服务器上托管的页面运行良好。我尝试将我的一个文件移动到其他服务器,然后它返回正确的 json 字符串。

此外,当我在浏览器中检查 url 时,它返回正确的 json 字符串,没有任何异常或 byethost 错误.. 但在 android 中给出 html 值..

这是我的 JSON 函数 class

package com.example.medionline;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.util.List;

import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;    
import org.apache.http.NameValuePair;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.HttpClient;
import org.apache.http.client.entity.UrlEncodedFormEntity;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.utils.URLEncodedUtils;
import org.apache.http.impl.client.DefaultHttpClient;
import org.json.JSONException;
import org.json.JSONObject;

import android.util.Log;

public class JSONfunctions
{

     static InputStream is = null;
 static String result = "";
 static JSONObject jArray = null;
public static JSONObject getJSONfromURL(String url) 
{
    // Download JSON data from URL
    try 
    {
        HttpClient httpclient = new DefaultHttpClient();
        HttpPost httppost = new HttpPost(url);
        httppost.setHeader("User-Agent","Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240 ");
        HttpResponse response = httpclient.execute(httppost);
        HttpEntity entity = response.getEntity();
        is = entity.getContent();
    } 
    catch (Exception e) 
    {
        Log.e("log_tag", "Error in http connection " + e.toString());
    }

    try 
    {
        BufferedReader reader = new BufferedReader(new InputStreamReader(is, "iso-8859-1"), 8);
        StringBuilder sb = new StringBuilder();
        String line = null;
        while ((line = reader.readLine()) != null) 
        {
            Log.e("jsonnnnnnn", line);
            sb.append(line + "\n");
        }
        is.close();
        result = sb.toString();
        Log.e("result", result);
    } 
    catch (Exception e) 
    {
        Log.e("log_tag", "Error converting result " + e.toString());
    }
    try 
    {
        jArray = new JSONObject(result);
    } 
    catch (JSONException e)
    {
        Log.e("log_tag", "Error parsing data " + e.toString());
    }
    return jArray;
}

public static JSONObject makeHttpRequest(String loginUrl, String post, List<NameValuePair> para)
{
    try 
    {
        if(post == "POST")
        {
            HttpClient httpClient = new DefaultHttpClient();
            HttpPost httpPost = new HttpPost(loginUrl);
            httpPost.setEntity(new UrlEncodedFormEntity(para));
            httpPost.setHeader("User-Agent","Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240 ");
            HttpResponse httpResponse = httpClient.execute(httpPost);
            HttpEntity httpEntity = httpResponse.getEntity();
            is = httpEntity.getContent();

        }
        else if(post == "GET")
        {
            HttpClient httpClient = new DefaultHttpClient();
            String paramString = URLEncodedUtils.format(para, "utf-8");
            loginUrl += "?" + paramString;
            HttpGet httpGet = new HttpGet(loginUrl);
            HttpResponse httpResponse = httpClient.execute(httpGet);
            HttpEntity httpEntity = httpResponse.getEntity();
            is = httpEntity.getContent();
        }
    }
    catch (UnsupportedEncodingException e)
    {
        e.printStackTrace();
    }
    catch (ClientProtocolException e)
    {
        e.printStackTrace();
    }
    catch (IOException e)
    {
        e.printStackTrace();
    }
    try 
    {
        BufferedReader reader = new BufferedReader(new InputStreamReader(is, "utf-8"), 8);
        StringBuilder sb = new StringBuilder();
        String line = null;
        if (is != null) 
        {
            while ((line = reader.readLine()) != null) 
            {
                //Log.e("jsonnnnnnn", line);
                sb.append(line + "\n");
            }
            is.close();
            result = sb.toString();
            Log.e("result", result);
        }
    }
    catch (Exception e)
    {
        Log.e("Buffer Error", "Error converting result " + e.toString());
    }
    try
    {
        jArray = new JSONObject(result);
    }
    catch (JSONException e)
    {
        Log.e("JSON Parser", "Error parsing data " + e.toString());
    }
    return jArray;
}
}

这是我的 PHP 文件

<?php
include('config.php');
date_default_timezone_set("Asia/Calcutta");

$result1 = mysqli_query($con,"SELECT  *
                                    FROM  `pj_medionline_mst_stockist` 
                                    ORDER BY  `pj_medionline_mst_stockist`.`ID` ASC ");


$response = array();
$posts = array();
while($row=mysqli_fetch_array($result1))
{
    $id =$row["ID"];
    $stkcode =$row["stkcode"];
    $comName =$row["ComName"];
    $operatorid =$row["operatorid"];
    $password =$row["Password"];


    $posts[] = array('id'=>$id, 'stkcode'=>$stkcode, 'stkname'=>$comName, 'operatorid'=>$operatorid, 'password'=>$password);
}

$response['stokist'] = $posts;
print(json_encode($response));
?>

主要问题是 Byet Host 实现了一个名为 testcookie-nginx-module 的简单安全反机器人模块

https://kyprizel.github.io/testcookie-nginx-module/

这会使您的应用程序崩溃

这是免费托管上新引入的机器人程序检测功能,用于防止不需要的机器人程序。这仅在首次访问该页面时出现。

例如 /upper_respiratory_infection.htm?ckattempt=1 在 8 月 8 日至 8 月 11 日期间被我的网络分析注册了 37 次。这对我的网络分析造成了严重破坏,因为我现在正在收集两组数据对于每一页(一页有 CKattempt=1,一页没有 CKattempt=1,还有一些甚至带有附加组件 CKattempt=2)

遗憾的是无法删除

for more detail

已解决!

我在使用 Byethost 从我的 PHP 服务器检索 JSON 数据时遇到了同样的问题。我们只需要在 HTTP 请求中添加一个 cookie 来传递 testcookie-nginx-module

正如理查德的 所说:

The main problem is that Byet Host implement a simple security antibots module >named testcookie-nginx-module

https://kyprizel.github.io/testcookie-nginx-module/

在他提供的 link 上我们可以看到 testcookie-nginx-module 进行了两步验证:

  1. 第一次完成 HTTP 请求时,模块 returns 是 javascript 而不是我们期望的 JSON。此脚本在客户端(通常是 Web 浏览器)上执行并生成包含 AES 密钥的验证 cookie。

这是我从服务器收到的脚本:

<html>
<body>
    <script type="text/javascript" src="/aes.js" ></script>
    <script>
        function toNumbers(d){
        var e=[];
            d.replace(/(..)/g,function(d){
                e.push(parseInt(d,16))});
            return e
        }
        function toHex(){
            for(var d=[],d=1==arguments.length&&arguments[0].constructor==Array?arguments[0]:arguments,e="",f=0;f<d.length;f++)
                e+=(16>d[f]?"0":"")+d[f].toString(16);
                return e.toLowerCase()
        }
        var a=toNumbers("f655ba9d09a112ffff8c63579db590b4"),
            b=toNumbers("98344c2eee86c3ffff90592585b49f80"),
            c=toNumbers("1286963467aa92ffff8323bdca0d7be9");
        document.cookie="__test="+toHex(slowAES.decrypt(c,2,a,b))+"; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/"; 
        location.href="http://myserver.byethost8.com/myPhpPage.php?i=1";
    </script>
    <noscript>This site requires Javascript to work, please enable Javascript in your browser or use a browser with Javascript support</noscript>
</body>

  1. 脚本将验证 cookie 添加到文档并将其重定向到我们实际要访问的 url。 testcookie-nginx-module 验证 cookie AES 密钥并让请求命中 url,后者将以我们想要访问的 JSON 数据进行响应。

在接下来的 HTTP 请求中,客户端将存储 cookie 并将其添加到跳过步骤 1 的请求中。

我们 Android 应用程序的解决方案

我们将通过从 Web 浏览器获取 cookie 并将其直接添加到我们的 Android HTTP 请求来跳过 cookie 生成(当然除非您想参与生成它)。

在您从网络浏览器获取 cookie 之前,请确保您至少使用浏览器访问过 url 一次以生成它。

  • 正在从网络浏览器获取 cookie 密钥。我用了 Google Chrome:

    1. 从浏览器右上角的 Chrome 菜单中,select 设置
    2. 在页面底部,单击显示高级设置...
    3. 在隐私下,select内容设置...
    4. select 所有 cookie 和网站数据....
    5. 搜索您的网站名称。通过搜索 "byethost" 你会找到它。
    6. 打开名为__test的cookie并复制contentpath[=72的值=]和过期
  • 在我们的 Android 应用程序上设置 cookie。在你的代码上应该是这样的:

    try 
    {
     if(post == "POST")
     {
         HttpClient httpClient = new DefaultHttpClient();
         HttpPost httpPost = new HttpPost(loginUrl);
         httpPost.setEntity(new UrlEncodedFormEntity(para));
         httpPost.setHeader("User-Agent","Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.10240 ");
         httpPost.addHeader("Cookie", "__test=THE_CONTENT_OF_YOUR_COOKIE_HERE; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/");
         HttpResponse httpResponse = httpClient.execute(httpPost);
         HttpEntity httpEntity = httpResponse.getEntity();
         is = httpEntity.getContent();
    }
    else if(post == "GET")
    {
        HttpClient httpClient = new DefaultHttpClient();
        String paramString = URLEncodedUtils.format(para, "utf-8");
        loginUrl += "?" + paramString;
        HttpGet httpGet = new HttpGet(loginUrl);
        httpGet.addHeader("Cookie", "__test=THE_CONTENT_OF_YOUR_COOKIE_HERE; expires=Thu, 31-Dec-37 23:55:55 GMT; path=/");
        HttpResponse httpResponse = httpClient.execute(httpGet);
        HttpEntity httpEntity = httpResponse.getEntity();
        is = httpEntity.getContent();
    }
    }
    

就是这样。现在,每次应用程序发出 HTTP 请求时,它都会包含用于传递 testcookie-nginx-module 的 cookie,并将检索您的 JSON 数据。

希望这对您有所帮助,还不算太晚。

此致

我应该添加以下内容作为答案,因为它是绕过上述问题的解决方法。发布可能对某人有帮助:

这个问题只要写exit()就可以解决;在最后一个可执行语句的 php 文件中。 这将退出 php 文件并且不会追加文本。 例如

<?php
include('config.php');
date_default_timezone_set("Asia/Calcutta");

$result1 = mysqli_query($con,"SELECT  *
                                FROM  `pj_medionline_mst_stockist` 
                                ORDER BY  `pj_medionline_mst_stockist`.`ID` ASC ");


$response = array();
$posts = array();
while($row=mysqli_fetch_array($result1))
{
    $id =$row["ID"];
    $stkcode =$row["stkcode"];
    $comName =$row["ComName"];
    $operatorid =$row["operatorid"];
    $password =$row["Password"];


    $posts[] = array('id'=>$id, 'stkcode'=>$stkcode, 'stkname'=>$comName, 'operatorid'=>$operatorid, 'password'=>$password);
}

$response['stokist'] = $posts;
print(json_encode($response));
exit();
?>