0329_API testing: API protocol analysis & proxy tool usage

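What happens when you open a website:
1. Find the server by its IP, send a request to the server, and the result is returned to the browser
2. After the server receives the request, the Web Server processes it and finally packages the requested resource and returns it to the browser through the channel.
3. Browser processing and rendering: after the browser receives the Response, it first loads it and, based on the code in it, continues to request resources from the server (css, javascript, img, etc.); once loading completes, it parses, renders and paints the page
Reference: What happens when you open a web page - Jianshu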

Use curl to send a request whose header carries user-agent:xxx

curl -I -H "User-Agent:huogewocixueyuan" http://www.baidu.com -v

Send a stock search to Xueqiu

curl -G 'https://xueqiu.com/stock/search.json' -d 'code=贵州茅台&size=3&page=1' -H 'Connection: keep-alive' -H 'Accept: application/json, text/plain, */*' -H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36' -H 'elastic-apm-traceparent: 00-860571b7bc6b6e77411d0de5bd2b0420-f866baeaf5f974ec-00' -H 'Sec-Fetch-Site: same-origin' -H 'Sec-Fetch-Mode: cors' -H 'Referer: https://xueqiu.com/k?q=%E8%B4%B5%E5%B7%9E%E8%8C%85%E5%8F%B0' -H 'Accept-Encoding: gzip, deflate, br' -H 'Accept-Language: zh-CN,zh;q=0.9' -H 'Cookie: aliyungf_tc=AQAAAGtXURSjEQEAcqd2atDKZaL9UCkV; acw_tc=2760821f15856390740804361ea36a79c1d60cc9772c91bf09a4c6bcfc720e; xq_a_token=2ee68b782d6ac072e2a24d81406dd950aacaebe3; xqat=2ee68b782d6ac072e2a24d81406dd950aacaebe3; xq_r_token=f9a2c4e43ce1340d624c8b28e3634941c48f1052; xq_id_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJ1aWQiOi0xLCJpc3MiOiJ1YyIsImV4cCI6MTU4NzUyMjY2MSwiY3RtIjoxNTg1NjM5MDE1NjU5LCJjaWQiOiJkOWQwbjRBWnVwIn0.IoUFjI_1QO_dJuSCXAdOBXeO3KweiorqTWuiHTAj6A0566sJ6TxgtJUHHLexDnDzeuMPgv9UUKuZZj_lxi1wxfVwxSy55oqaDw5Six6e5ZsnHQXKfrJamDqSLM7D5lcuqh7ak0WsQz-oGVeegsJTeMn5SELq9_XXCFApc8CW_7MLmaS_H8rzYA_F7jyedAKfqLgGgUYmdK7swo_fxdJPzIggLkTJX8oqfwfiypT6Bp7hV38DCFq0PjADx2nL7K2pJ7fe7oNGiMj0PpeOINO2qweZoZ0iZtwfPVu5W7DJBDEtvHl3K5x3Ff0MTo7-VcK8i9uqBTpvMF0_XCRDbg3ybg; u=451585639074085; device_id=24700f9f1986800ab4fcc880530dd0ed; Hm_lvt_1db88642e346389874251b5a1eded6e3=1585639078,1585707229,1585708105,1585917070; Hm_lpvt_1db88642e346389874251b5a1eded6e3=1585917104' --compressed

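Change a stock on Xueqiu to a custom name, and change its price

Modify the stock list on the Xueqiu list page so that it contains over a thousand stocks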

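Thursday homework: what happens when you open a website

1. Domain name resolution: the browser obtains a domain name from the URL that was entered, and the DNS server resolves that domain name to an IP address
2. Establish a TCP connection: after obtaining the target IP address, the browser sends a TCP connection request to port 80 of that IP address and, after the standard TCP handshake procedure (three-way handshake, four-way teardown), the TCP connection is established
3. Establish an HTTP connection: over the established TCP connection, send a request for the web page according to the HTTP protocol standard
4. Return the response: after receiving the browser's request, the target web server responds and returns the response
5. Browser rendering: the browser generates the page content from the returned response, builds the DOM Tree, builds the CSS Rule Tree from the CSS, and calls the JS engine to execute the JS code
6. Load the page's static resources

Modify the response content

Read a local file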

Homework 1: changing parameter encoding with curl

curl -G 'https://www.baidu.com/s' --data-urlencode 'wd=霍格 沃兹测试学院' -H 'Connection: keep-alive' -H 'Cache-Control: max-age=0' -H 'Upgrade-Insecure-Requests: 1' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36' -H 'Sec-Fetch-Dest: document' -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9' -H 'Sec-Fetch-Site: same-origin' -H 'Sec-Fetch-Mode: navigate' -H 'Sec-Fetch-User: ?1' -H 'Accept-Language: zh-CN,zh;q=0.9' -H 'Cookie: BAIDUID=9D25F060230F80A4BB64DA3CBAD1E8B3:FG=1; BIDUPSID=9D25F060230F80A4BB64DA3CBAD1E8B3; PSTM=1583505950; BD_UPN=123253; BDUSS=BRZFRmfjN2aHNQfjNMSXFMT0F4cS1iYndXVmNpTDJDUkN3NVkzWG5RV0VUWXRlSVFBQUFBJCQAAAAAAAAAAAEAAAC4m6GhwLTSu7O1zsDJ-ta9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAITAY16EwGNeZV; BDORZ=B490B5EBF6F3CD402E515D22BCDA1598; BD_HOME=1; BDRCVFR[feWj1Vr5u3D]=I67x6TjHwwYf0; delPer=0; BD_CK_SAM=1; PSINO=7; H_PS_PSSID=1436_31121_21078_31187_30906_31229_30824_31085_31163; H_PS_645EC=4173UxA%2FbFP9dyteGnBFHLstXGYf6tgl71JGBo3xCnQZNE36LvaFRwByFMBQ92WY9Tmc; BDSVRTM=118' --compressed

Homework 2: changing the user-agent header with curl

curl -G 'https://www.baidu.com/s' --data-urlencode 'wd=霍格 沃兹测试学院' -H 'User-Agent: gesila' -v -s

Homework 3: sending a stock search to Xueqiu with curl

curl 'https://xueqiu.com/stock/search.json' --data-urlencode 'code=阿里巴巴' --data-urlencode 'size=3' --data-urlencode 'page=1' -H 'Connection: keep-alive' -H 'Accept: application/json, text/plain, */*' -H 'Sec-Fetch-Dest: empty' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36' -H 'elastic-apm-traceparent: 00-902d3c6f11828cab690932885a139926-5d173d54658a2b8a-00' -H 'Sec-Fetch-Site: same-origin' -H 'Sec-Fetch-Mode: cors' -H 'Referer: https://xueqiu.com/k?q=%E9%98%BF%E9%87%8C%E5%B7%B4%E5%B7%B4' -H 'Accept-Language: zh-CN,zh;q=0.9' -H 'Cookie: aliyungf_tc=AQAAAPnFIiwAJA4AXYZ7d8I4jHnmZhJK; acw_tc=2760820f15854625369428985ee17b75e1b1d1a994cadc0247b966d3ea206b; xq_a_token=2ee68b782d6ac072e2a24d81406dd950aacaebe3; xqat=2ee68b782d6ac072e2a24d81406dd950aacaebe3; xq_r_token=f9a2c4e43ce1340d624c8b28e3634941c48f1052; xq_id_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJ1aWQiOi0xLCJpc3MiOiJ1YyIsImV4cCI6MTU4NzUyMjY2MSwiY3RtIjoxNTg1NDYyNDg4ODU4LCJjaWQiOiJkOWQwbjRBWnVwIn0.GWTVOKudFLO7QAWharAgOofvMfvegWiXLw3-hWeexcg00YDhOuQpNfqrChnEoxx3EJ-9Jvr_3eb4VaXbtjA4Q3lgCbfZ_w-1351WIy0WyP9mvTRSk4PbgYJWUQEn7lRLas2sLhJwnoSCHfWNy5HO4ViJhKdlRpvmcCmbPrYhq0tadh2byHZxgARfEfeZkhAK29nsRDTL91W-r5ZpTVXOdPjiRNSPpmLngG5D146Oz12tOWNTwwnRUUJqGqH305RhfFdRXrSiqZT_uKB81AvdTc8oJMGmc8fTcuUTrsH-1B8SBO5P3IcFt2wo82Ow_HhJWdSTUixwieu40I3167gkrQ; u=461585462536952; device_id=24700f9f1986800ab4fcc880530dd0ed; Hm_lvt_1db88642e346389874251b5a1eded6e3=1585462538,1585752206,1585986029; Hm_lpvt_1db88642e346389874251b5a1eded6e3=1585986033' --compressed

Homework 4: modifying the returned content with Charles

Homework 5: doubling the returned content with Charles

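Homework 6: what happens when you open a website

  • URL domain name resolution
    • Obtain the IP address and port
  • DNS lookup, fetch from cache
  • TCP connection
    • Send the HTTP request
    • Three-way handshake
    • Transmit data packets
  • Server processing
  • Browser receives the request, four-way teardown
  • Rendering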

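Homework:

  1. Use Charles to change a stock's name and price to custom values
    Use rewrite mode to modify the response
  2. Modify the stock list content to show over a thousand stocks
    Use map local mode to replace the response data with local mock data

Question:
Why is the host shown as an IP address rather than a domain name?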

Homework 1: use curl to send a request whose header carries user-agent:xxx

curl -I -H 'User-Agent:liuting' 'http://www.baidu.com' -v

Homework 2: send a stock search to Xueqiu

curl -G 'https://xueqiu.com/stock/search.json' --data-urlencode "code=阿里巴巴 " --data-urlencode "size=3" --data-urlencode "page=1" -H 'Connection: keep-alive' -H 'Accept: application/json, text/plain, */*' -H 'Sec-Fetch-Dest: empty' -H 'User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36' -H 'elastic-apm-traceparent: 00-c739e95825f44e003cab53f1408d5308-cf2efe0a5ed1de49-00' -H 'Sec-Fetch-Site: same-origin' -H 'Sec-Fetch-Mode: cors' -H 'Referer: https://xueqiu.com/k?q=%E9%98%BF%E9%87%8C%E5%B7%B4%E5%B7%B4' -H 'Accept-Language: zh-CN,zh;q=0.9' -H 'Cookie: aliyungf_tc=AQAAAAYY5lZ9bAgAtT7It0qG70FUQDn+; acw_tc=2760823715858819196504723e7633f8e1297d31998419bb3489d203e178ba; xq_a_token=2ee68b782d6ac072e2a24d81406dd950aacaebe3; xqat=2ee68b782d6ac072e2a24d81406dd950aacaebe3; xq_r_token=f9a2c4e43ce1340d624c8b28e3634941c48f1052; xq_id_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJ1aWQiOi0xLCJpc3MiOiJ1YyIsImV4cCI6MTU4NzUyMjY2MSwiY3RtIjoxNTg1ODgxOTE4Njk0LCJjaWQiOiJkOWQwbjRBWnVwIn0.gkJtL118LttEVdJULZtG-XyvSCAZGk0tmEA56QUgaEVZSmeyRU1Sz1imrUDbDshEif_9Ywx0_lhSgktsjO-py4fyZPMTH4oMq_6P_0OKCxDuyBC3Cz1jAOSHWcNFVYRRTluRdWbspdPeIzvTQDMsSQHutV5u2k84rvSq0R5yZkH-fNsapBGAM62GzUtxWHZRXfEniZFtH1e6FC5aUsugwDMpzbBaFlqHLiZ5IKnWGioP5xtLdiyp4ifARbgLl_k8D387-khjx4AXCEhV9ZVEKtopbJhrBAG4qvrErkZoFpm_CdWw6W9gSDmjuQWvHQWu_KqRw3Au4L9HwGxw7cA-IQ; u=171585881919656; Hm_lvt_1db88642e346389874251b5a1eded6e3=1585881944; device_id=24700f9f1986800ab4fcc880530dd0ed; Hm_lpvt_1db88642e346389874251b5a1eded6e3=1585882209' --compressed -v

Homework 3: change a stock on Xueqiu to a custom name

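Homework 4: modify the stock list on the Xueqiu list page so that it contains over a thousand stocks

Homework 5: what happens when you open a website

1. URL parsing
- Check whether the input is valid, and perform some character encoding depending on what you did
2. DNS
- Check whether the browser has it cached, whether there is a corresponding cache for the operation, and whether the device has it cached
3. TCP connection
- Application layer: send the HTTP request
- Transport layer: transmit segments, three-way handshake
- Network layer: package the data and find a transmission route
- Link layer: used to send the data, to all machines on the local network
4. Server processing
5. Browser response
6. Page rendering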
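
The sequence listed above (URL encoding, name resolution, TCP connect, HTTP request, server handling, response), run against a loopback server so each step is visible. This is an added example, not part of any post in this thread; the `Echo`, `fetch` and `demo` names, the `/s` path and the `demo-agent` User-Agent are assumptions for illustration, and Python stands in for curl so that the run stays offline.

```python
import json
import socket
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import parse_qs, quote, urlsplit


class Echo(BaseHTTPRequestHandler):
    """Server side: report what actually arrived on the wire."""
    def do_GET(self):
        query = urlsplit(self.path).query
        body = json.dumps({
            "raw_query": query,
            "wd": parse_qs(query).get("wd", [""])[0],
            "user_agent": self.headers.get("User-Agent"),
        }).encode()
        self.send_response(200)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, *args):  # silence per-request logging
        pass


def fetch(host, port, keyword, user_agent):
    # URL step: non-ASCII text and spaces are percent-encoded as UTF-8 bytes.
    path = "/s?wd=" + quote(keyword, safe="")
    # DNS step: resolve the host name to a socket address.
    info = socket.getaddrinfo(host, port, socket.AF_INET, socket.SOCK_STREAM)[0]
    with socket.socket(info[0], info[1], info[2]) as sock:
        sock.connect(info[4])  # TCP step: the three-way handshake happens here
        request = (f"GET {path} HTTP/1.1\r\nHost: {host}:{port}\r\n"
                   f"User-Agent: {user_agent}\r\nConnection: close\r\n\r\n")
        sock.sendall(request.encode("ascii"))  # HTTP step: the request itself
        raw = b"".join(iter(lambda: sock.recv(4096), b""))  # read until close
    head, _, body = raw.partition(b"\r\n\r\n")  # response: headers, then body
    return head.split(b"\r\n")[0].decode(), json.loads(body)


def demo():
    server = HTTPServer(("127.0.0.1", 0), Echo)  # port 0 picks a free port
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        return fetch("localhost", server.server_port, "霍格 沃兹测试学院", "demo-agent")
    finally:
        server.shutdown()
        server.server_close()
```

`demo()` returns the status line and the server's view of the request: the keyword arrives percent-encoded in `raw_query` and is decoded back to the original text in `wd`.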

Homework 1

Use curl to send a request whose header carries user-agent:xxx

Approach 1

Everything that goes in the header needs the -H option.

curl -H 'User-Agent:bangbo-zheng' 'https://imzbb.cc' -v

Homework 2

Send a stock search to Xueqiu

Approach 2

First take a look at the Xueqiu site: open the developer tools and filter by XHR

curl 'https://xueqiu.com/stock/search.json?code=%E7%91%9E%E5%B9%B8%E5%92%96%E5%95%A1&size=3&page=1' -H 'Connection: keep-alive' -H 'Accept: application/json, text/plain, */*' -H 'Sec-Fetch-Dest: empty' -H 'elastic-apm-traceparent: 00-282b57329e2d318442f47cb3381d9327-1f6b1a52faa2b31c-00' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36' -H 'DNT: 1' -H 'Sec-Fetch-Site: same-origin' -H 'Sec-Fetch-Mode: cors' -H 'Referer: https://xueqiu.com/k?q=%E7%91%9E%E5%B9%B8%E5%92%96%E5%95%A1' -H 'Accept-Language: zh-CN,zh;q=0.9,en;q=0.8' -H 'Cookie: aliyungf_tc=AQAAAKFgjyNmBQUA8W3nePHscxiJBRiT; acw_tc=2760823415862448993416459e910e2c769cbdc505915924dd3e277477c8c5; xq_a_token=2ee68b782d6ac072e2a24d81406dd950aacaebe3; xqat=2ee68b782d6ac072e2a24d81406dd950aacaebe3; xq_r_token=f9a2c4e43ce1340d624c8b28e3634941c48f1052; xq_id_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJ1aWQiOi0xLCJpc3MiOiJ1YyIsImV4cCI6MTU4NzUyMjY2MSwiY3RtIjoxNTg2MjQ0ODg5NzU0LCJjaWQiOiJkOWQwbjRBWnVwIn0.lQcxoPWa4XyZ5kX-O0SOAxrjYFk1IbBjvaZhQnW_rhJM03dXX4E0p1olJh1-W4XhMY44uINykH484hug03wdoJXEd0IFKDJx5G4Kqokxcv4elsKy_VJ6NLo1uh-7CFAfINxT_PR2hlCeAXzlgEAzP_wZdzjY8XPPPAx2zDGYYsv5r6jTsz_kYQlcH-em8BDeXH63TlK-o4RisvAB4UICw_K59qcI89QJ9x68EbzZ-RlhoNFJZex1Ex5byriw_RbKThJKoxz3pIh-Q6ZAGcBrGbOCdQi-WRr0W0Sb0HqIC2-2pBUQG8YcvShwDlprRcF2CoC_DrRND55etbBLfEmFGw; u=481586244899348; device_id=24700f9f1986800ab4fcc880530dd0ed; Hm_lvt_1db88642e346389874251b5a1eded6e3=1586404411; s=c611tntpf4; __utmc=1; __utmz=1.1586404432.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.495879690.1586404432.1586404432.1586416139.2; __utmt=1; __utmb=1.1.10.1586416139; Hm_lpvt_1db88642e346389874251b5a1eded6e3=1586416583' --compressed | jq

With a few modifications

curl -G 'https://xueqiu.com/stock/search.json' --data-urlencode "code=瑞幸咖啡" --data-urlencode "size=3" --data-urlencode "page=1" -H 'Connection: keep-alive' -H 'Accept: application/json, text/plain, */*' -H 'Sec-Fetch-Dest: empty' -H 'elastic-apm-traceparent: 00-282b57329e2d318442f47cb3381d9327-1f6b1a52faa2b31c-00' -H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36' -H 'DNT: 1' -H 'Sec-Fetch-Site: same-origin' -H 'Sec-Fetch-Mode: cors' -H 'Referer: https://xueqiu.com/k?q=%E7%91%9E%E5%B9%B8%E5%92%96%E5%95%A1' -H 'Accept-Language: zh-CN,zh;q=0.9,en;q=0.8' -H 'Cookie: aliyungf_tc=AQAAAKFgjyNmBQUA8W3nePHscxiJBRiT; acw_tc=2760823415862448993416459e910e2c769cbdc505915924dd3e277477c8c5; xq_a_token=2ee68b782d6ac072e2a24d81406dd950aacaebe3; xqat=2ee68b782d6ac072e2a24d81406dd950aacaebe3; xq_r_token=f9a2c4e43ce1340d624c8b28e3634941c48f1052; xq_id_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJ1aWQiOi0xLCJpc3MiOiJ1YyIsImV4cCI6MTU4NzUyMjY2MSwiY3RtIjoxNTg2MjQ0ODg5NzU0LCJjaWQiOiJkOWQwbjRBWnVwIn0.lQcxoPWa4XyZ5kX-O0SOAxrjYFk1IbBjvaZhQnW_rhJM03dXX4E0p1olJh1-W4XhMY44uINykH484hug03wdoJXEd0IFKDJx5G4Kqokxcv4elsKy_VJ6NLo1uh-7CFAfINxT_PR2hlCeAXzlgEAzP_wZdzjY8XPPPAx2zDGYYsv5r6jTsz_kYQlcH-em8BDeXH63TlK-o4RisvAB4UICw_K59qcI89QJ9x68EbzZ-RlhoNFJZex1Ex5byriw_RbKThJKoxz3pIh-Q6ZAGcBrGbOCdQi-WRr0W0Sb0HqIC2-2pBUQG8YcvShwDlprRcF2CoC_DrRND55etbBLfEmFGw; u=481586244899348; device_id=24700f9f1986800ab4fcc880530dd0ed; Hm_lvt_1db88642e346389874251b5a1eded6e3=1586404411; s=c611tntpf4; __utmc=1; __utmz=1.1586404432.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utma=1.495879690.1586404432.1586404432.1586416139.2; __utmt=1; __utmb=1.1.10.1586416139; Hm_lpvt_1db88642e346389874251b5a1eded6e3=1586416583' --compressed | jq

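Homework 3

What happens when you open a website?

Approach 3

Opening a website means sending a request to a remote server, then getting the response, parsing it and presenting it to the user.

The process starts with entering the site's address. A URL contains the protocol, domain name, port number, route, parameters and other information.

The browser first checks whether the computer has a cached entry; if not, it asks a DNS server to resolve the domain name and obtains the IP address.

After obtaining the IP address, it sends a TCP handshake request to the target server.

After the three-way handshake, it sends the HTTP request.

The target server receives the request and returns the resources to the browser.

The browser parses these resources and renders the web page we see.

Homework 4

  1. Change a stock on Xueqiu to a custom name, and change its price

  2. Modify the stock list on the Xueqiu list page so that it contains over a thousand stocks

Approach 4

  1. The custom name is changed with the Rewrite feature in Charles: edit a rewrite rule of type Body, select Response, match on Value, and replace the Value.

  2. The list content is done with Charles's Map Local feature. First, save the Response as a json file. Multiply it manually with the jq tool. Then set up a Map Local on the corresponding Get request. Here the Query can be left empty so that all requests return our manually modified json file. This achieves the goal of expanding the list content.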
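
One way to produce the Map Local file described in step 2 above, as an added example that is not from the original post; it uses Python rather than jq. The sample response and every field name in it are constructed assumptions, not the real API schema, and `expand_mock` / `write_mock` are hypothetical helper names.

```python
import copy
import json

# Constructed sample shaped like a saved list response. Every field name here
# ("data", "items", "quote", "symbol", "name", "current", "last_close",
# "percent", "items_size") is an assumption, not the real API schema.
SAMPLE = {
    "data": {
        "items_size": 2,
        "items": [
            {"quote": {"symbol": "AAA", "name": "Alpha", "current": 10.0,
                       "last_close": 8.0, "percent": 25.0}},
            {"quote": {"symbol": "BBB", "name": "Beta", "current": 9.0,
                       "last_close": 10.0, "percent": -10.0}},
        ],
    }
}


def expand_mock(response, target):
    """Return a copy of `response` whose item list is grown to `target` entries."""
    out = copy.deepcopy(response)
    seed = out["data"]["items"]
    if not seed:
        raise ValueError("saved response contains no items to clone")
    items = []
    for i in range(target):
        item = copy.deepcopy(seed[i % len(seed)])
        quote = item["quote"]
        # Unique symbols: a client that keys rows by symbol would otherwise
        # collapse the clones back into the original few rows.
        quote["symbol"] = f"{quote['symbol']}{i:04d}"
        quote["name"] = f"{quote['name']} {i}"
        quote["current"] = round(quote["current"] + i * 0.01, 2)
        # Keep the derived change rate consistent with the prices it comes from.
        quote["percent"] = round(
            (quote["current"] - quote["last_close"]) / quote["last_close"] * 100, 2)
        items.append(item)
    out["data"]["items"] = items
    out["data"]["items_size"] = len(items)
    return out


def write_mock(path, response, target):
    """Write the expanded response as UTF-8 JSON for the proxy to serve."""
    with open(path, "w", encoding="utf-8") as fh:
        json.dump(expand_mock(response, target), fh, ensure_ascii=False)


if __name__ == "__main__":
    write_mock("mock_list.json", SAMPLE, 1000)
```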

Homework 4: modify the stock list on the Xueqiu list page so that it contains over a thousand stocks

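Homework 1: use curl to send a request whose header carries user-agent:xxx

Homework 2. Send a stock search for Alibaba to Xueqiu

Homework 3: change the stock name in the Xueqiu app

Homework 4. Modify the stock list on the Xueqiu list page so that it contains over a thousand stocks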

A question: when capturing Xueqiu traffic, why is an IP shown rather than the domain name?

Because you are using an emulator; on a real device there is no problem

How do I fix "unknown" when capturing WeChat mini-program traffic?

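Homework 1: what happens when you open a website
① Check local cookies
② The browser establishes a TCP connection with the server
③ Request and response data
④ Close the connection
Homework 2: charles mock&fake
1> The reason the "stock change rate" cannot be modified may be that it is computed from other data; modifying the related data changes it
2> After adding over a thousand entries, it seems the number of items returned per page is determined by the param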