请问关于c的具体应用场景有哪些?

2026-04-29 05:472阅读0评论SEO问题
  • 内容介绍
  • 文章标签
  • 相关推荐

本文共计705个文字,预计阅读时间需要3分钟。

请问关于c的具体应用场景有哪些?

以下是修改后的内容:

plaintext以下是进行身份验证的代码,生成Authorization头部并调用API。不幸的是,我在API上发起GET请求后收到401+Unauthorized错误。但是,当我捕获Fiddler中的流量并重放时,API调用成功,我可以看到所期望的。

下面是进行身份验证的代码,生成Authorization标头并调用API.

不幸的是,我在API上发出GET请求后收到401 Unauthorized错误.

请问关于c的具体应用场景有哪些?

但是,当我捕获Fiddler中的流量并重放它时,对API的调用成功,我可以看到所需的200 OK状态代码.

[Test] public void RedirectTest() { HttpResponseMessage response; var client = new HttpClient(); using (var authString = new StringContent(@"{username: ""theUser"", password: ""password""}", Encoding.UTF8, "application/json")) { response = client.PostAsync("host/api/authenticate", authString).Result; } string result = response.Content.ReadAsStringAsync().Result; var authorization = JsonConvert.DeserializeObject<CustomAutorization>(result); client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue(authorization.Scheme, authorization.Token); client.DefaultRequestHeaders.Add("Accept", "application/vnd.host+json;version=1"); response = client.GetAsync("host/api/getSomething").Result; Assert.True(response.StatusCode == HttpStatusCode.OK); }

当我运行此代码时,Authorization标头丢失.

但是,在Fiddler中,标题成功传递.

知道我做错了什么吗?

您遇到此行为的原因是它是设计的.

遵循重定向时,大多数HTTP客户端(默认情况下)会删除授权标头.

一个原因是安全.客户端可能会被重定向到不受信任的第三方服务器,您不希望向其披露您的授权令牌.

您可以做的是检测重定向是否已发生,并将请求直接重新发送到正确的位置.

您的API返回401 Unauthorized以指示授权标头丢失(或不完整).我将假设如果请求中存在授权信息,则相同的API将返回403 Forbidden但是不正确(用户名/密码错误).

如果是这种情况,您可以检测“重定向/丢失授权标头”组合并重新发送请求.

以下是重写的问题的代码:

[Test] public void RedirectTest() { // These lines are not relevant to the problem, but are included for completeness. HttpResponseMessage response; var client = new HttpClient(); using (var authString = new StringContent(@"{username: ""theUser"", password: ""password""}", Encoding.UTF8, "application/json")) { response = client.PostAsync("host/api/authenticate", authString).Result; } string result = response.Content.ReadAsStringAsync().Result; var authorization = JsonConvert.DeserializeObject<CustomAutorization>(result); // Relevant from this point on. client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue(authorization.Scheme, authorization.Token); client.DefaultRequestHeaders.Add("Accept", "application/vnd.host+json;version=1"); var requestUri = new Uri("host/api/getSomething"); response = client.GetAsync(requestUri).Result; if (response.StatusCode == HttpStatusCode.Unauthorized) { // Authorization header has been set, but the server reports that it is missing. // It was probably stripped out due to a redirect. var finalRequestUri = response.RequestMessage.RequestUri; // contains the final location after following the redirect. if (finalRequestUri != requestUri) // detect that a redirect actually did occur. { if (IsHostTrusted(finalRequestUri)) // check that we can trust the host we were redirected to. { response = client.GetAsync(finalRequestUri).Result; // Reissue the request. The DefaultRequestHeaders configured on the client will be used, so we don't have to set them again. } } } Assert.True(response.StatusCode == HttpStatusCode.OK); } private bool IsHostTrusted(Uri uri) { // Do whatever checks you need to do here // to make sure that the host // is trusted and you are happy to send it // your authorization token. if (uri.Host == "host") { return true; } return false; }

请注意,您可以保存finalRequestUri的值并将其用于将来的请求,以避免重试中涉及的额外请求.但是,由于这是临时重定向,因此您应该每次都将请求发送到原始位置.

标签:重定向丢失授权

相关推荐

125317【开源】在飞书 lark-cli 基础上 Vibe 了一个 Codex App 版本125318Claude再次宕机,每周一崩达成125322你已入选 Xiaomi MiMo Orbit-百万亿 Token 创造者激励计划125326使用GPT模型写代码,如果硬要二选一,codex cli和claude code怎么选择?125331求推荐五一西安旅游住宿地点和吃喝玩乐攻略125341claude cli 使用 deepseek125345cursor自动模式Auto根本花不完啊125347xiaomi mimo怎么送这么多token125354选出你心目中的国产御三家吧125355智谱新出的zcode怎么样?125356勿让“躺平”宣传动摇奋斗初心,警惕意识形态渗透陷阱125368【开源】做了个 CLI 让 Claude 帮我刷 BOSS 直聘 哈哈求佬友们帮看看125370「扣扣飞车」我这裙子跟没有有什么区别()125377如何通过配置 proxy_set_header 与 $upstream_addr 实现对后端节点流量的精确染色?125379Gemini生文件125382MIMO怎么半夜还有人加班啊[doge]

本文共计705个文字,预计阅读时间需要3分钟。

请问关于c的具体应用场景有哪些?

以下是修改后的内容:

plaintext以下是进行身份验证的代码,生成Authorization头部并调用API。不幸的是,我在API上发起GET请求后收到401+Unauthorized错误。但是,当我捕获Fiddler中的流量并重放时,API调用成功,我可以看到所期望的。

下面是进行身份验证的代码,生成Authorization标头并调用API.

不幸的是,我在API上发出GET请求后收到401 Unauthorized错误.

请问关于c的具体应用场景有哪些?

但是,当我捕获Fiddler中的流量并重放它时,对API的调用成功,我可以看到所需的200 OK状态代码.

[Test] public void RedirectTest() { HttpResponseMessage response; var client = new HttpClient(); using (var authString = new StringContent(@"{username: ""theUser"", password: ""password""}", Encoding.UTF8, "application/json")) { response = client.PostAsync("host/api/authenticate", authString).Result; } string result = response.Content.ReadAsStringAsync().Result; var authorization = JsonConvert.DeserializeObject<CustomAutorization>(result); client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue(authorization.Scheme, authorization.Token); client.DefaultRequestHeaders.Add("Accept", "application/vnd.host+json;version=1"); response = client.GetAsync("host/api/getSomething").Result; Assert.True(response.StatusCode == HttpStatusCode.OK); }

当我运行此代码时,Authorization标头丢失.

但是,在Fiddler中,标题成功传递.

知道我做错了什么吗?

您遇到此行为的原因是它是设计的.

遵循重定向时,大多数HTTP客户端(默认情况下)会删除授权标头.

一个原因是安全.客户端可能会被重定向到不受信任的第三方服务器,您不希望向其披露您的授权令牌.

您可以做的是检测重定向是否已发生,并将请求直接重新发送到正确的位置.

您的API返回401 Unauthorized以指示授权标头丢失(或不完整).我将假设如果请求中存在授权信息,则相同的API将返回403 Forbidden但是不正确(用户名/密码错误).

如果是这种情况,您可以检测“重定向/丢失授权标头”组合并重新发送请求.

以下是重写的问题的代码:

[Test] public void RedirectTest() { // These lines are not relevant to the problem, but are included for completeness. HttpResponseMessage response; var client = new HttpClient(); using (var authString = new StringContent(@"{username: ""theUser"", password: ""password""}", Encoding.UTF8, "application/json")) { response = client.PostAsync("host/api/authenticate", authString).Result; } string result = response.Content.ReadAsStringAsync().Result; var authorization = JsonConvert.DeserializeObject<CustomAutorization>(result); // Relevant from this point on. client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue(authorization.Scheme, authorization.Token); client.DefaultRequestHeaders.Add("Accept", "application/vnd.host+json;version=1"); var requestUri = new Uri("host/api/getSomething"); response = client.GetAsync(requestUri).Result; if (response.StatusCode == HttpStatusCode.Unauthorized) { // Authorization header has been set, but the server reports that it is missing. // It was probably stripped out due to a redirect. var finalRequestUri = response.RequestMessage.RequestUri; // contains the final location after following the redirect. if (finalRequestUri != requestUri) // detect that a redirect actually did occur. { if (IsHostTrusted(finalRequestUri)) // check that we can trust the host we were redirected to. { response = client.GetAsync(finalRequestUri).Result; // Reissue the request. The DefaultRequestHeaders configured on the client will be used, so we don't have to set them again. } } } Assert.True(response.StatusCode == HttpStatusCode.OK); } private bool IsHostTrusted(Uri uri) { // Do whatever checks you need to do here // to make sure that the host // is trusted and you are happy to send it // your authorization token. if (uri.Host == "host") { return true; } return false; }

请注意,您可以保存finalRequestUri的值并将其用于将来的请求,以避免重试中涉及的额外请求.但是,由于这是临时重定向,因此您应该每次都将请求发送到原始位置.