http://blog.chinaunix.net/uid-25508399-id-3431705.html
http://passport.jd.com/new/helloService.ashx?callback=jQuery8882675&_=1466472004370
Cookie:unpl=V2_ZzNtbRBREBZyX0ZTf0paBmIGFltLUEsdJQFCBnwQWVVjB0VdclRCFXIUR1NnGlwUZgsZXUpcQhJFCHZXchBYAWcCGllyBBNNIEwHDCRSBUE3XHxcFVUWF3RaTwEoSVoAYwtBDkZUFBYhW0IAKElVVTUFR21yVEIldQl2U3kQWQduAhtYcmdEJUU4Q1xzHFoAVwIiXHIVF0l8DEFQeR4RAmUKF19LVkoQRQk%3d; alc=WioZkFyioLHO7qwxz3UR2Q==; mp=%E9%A3%9E%E5%A4%9C%E6%A2%A6%E9%9B%AA; thor=185EAB6657DE6B48E3736B1C6D5A0A82F91C09D41D3F1AAA4C7463AED8303FAE2D0B690F2D6C6333EBAB9891C1FE15BD63B807EF8734C20CE23B7D6835B080507CC8A5D69AB577D9905D4775E4F776B922B32C9F445837CEE0F00CA86C97627BBA3E50DFCC9F740E82C495798CEF08B12B399E818BA744238423814080D972FE; ol=1; _tp=j1dIy9aI%2BVFh5v6XwDjADcBmwvIo3UDRg8kscUE8au4JTwsvs7VJlvNwWTeGL5Mj; logining=1; unick=%E9%A3%9E%E5%A4%9C%E6%A2%A6%E9%9B%AA; _pst=%E9%A3%9E%E5%A4%9C%E6%A2%A6%E9%9B%AA; TrackID=146OJ_-nMkyfbaPrVgojWM9b3eYT36R8o9tbVxq_aArH40YJ7gY-Ip-bS_Mvd5SFVrokysuLG6UB5MTctgNM-GA; pinId=Y6OgKhzy4XtkZcQXK_hVcQ; ceshi3.com=BrUbQ13nJeg2MnFpre9TLzk6FaSpEkTUFsiH0A35qeQ; pin=%E9%A3%9E%E5%A4%9C%E6%A2%A6%E9%9B%AA; alpin=%E9%A3%9E%E5%A4%9C%E6%A2%A6%E9%9B%AA; __jda=122270672.638438084.1466471968.1466471968.1466471969.1; __jdb=122270672.3.638438084|1.1466471969; __jdc=122270672; __jdv=122270672|baidu-pinzhuan|t_288551095_baidupinzhuan|cpc|0f3d30c8dba7459bb52f2eb5eba8ac7d_0_c7b26f165b7244578699a85c684a55f1; __jdu=638438084
返回值
jQuery8882675({
"sso": [
"\/\/sso.jd.com\/setCookie?t=sso.360buy.com&callback=?",
"\/\/sso.jd.com\/setCookie?t=sso.jcloud.com&callback=?",
"\/\/sso.jd.com\/setCookie?t=sso.wangyin.com&callback=?",
"\/\/sso.jd.com\/setCookie?t=sso.jd360.hk&callback=?",
"\/\/sso.jd.com\/setCookie?t=sso.jd.hk&callback=?",
"\/\/sso.jd.com\/setCookie?t=sso.jdpay.com&callback=?",
"\/\/sso.jd.com\/setCookie?t=sso.yiyaojd.com&callback=?",
"\/\/sso.jd.com\/setCookie?t=sso.baitiao.com&callback=?"
],
"info": "<a href=\"\/\/home.jd.com\" target=\"_blank\" class=\"link-user\">飞夜梦雪<\/a> <a href=\"https:\/\/passport.jd.com\/uc\/login?ltype=logout\" class=\"link-logout\">退出<\/a>" -- 返回的这个片段被拼接到了京东的头部
})
=================================
后面开始往每一个xxx/setCookie发请求 redirect 触发各个站点的SSO
==================
http://order.jd.com/center/list.action order SSO
Cookie:unpl=V2_ZzNtbRBREBZyX0ZTf0paBmIGFltLUEsdJQFCBnwQWVVjB0VdclRCFXIUR1NnGlwUZgsZXUpcQhJFCHZXchBYAWcCGllyBBNNIEwHDCRSBUE3XHxcFVUWF3RaTwEoSVoAYwtBDkZUFBYhW0IAKElVVTUFR21yVEIldQl2U3kQWQduAhtYcmdEJUU4Q1xzHFoAVwIiXHIVF0l8DEFQeR4RAmUKF19LVkoQRQk%3d; _tp=j1dIy9aI%2BVFh5v6XwDjADcBmwvIo3UDRg8kscUE8au4JTwsvs7VJlvNwWTeGL5Mj; unick=%E9%A3%9E%E5%A4%9C%E6%A2%A6%E9%9B%AA; _pst=%E9%A3%9E%E5%A4%9C%E6%A2%A6%E9%9B%AA; TrackID=146OJ_-nMkyfbaPrVgojWM9b3eYT36R8o9tbVxq_aArH40YJ7gY-Ip-bS_Mvd5SFVrokysuLG6UB5MTctgNM-GA; pinId=Y6OgKhzy4XtkZcQXK_hVcQ; ceshi3.com=BrUbQ13nJeg2MnFpre9TLzk6FaSpEkTUFsiH0A35qeQ; pin=%E9%A3%9E%E5%A4%9C%E6%A2%A6%E9%9B%AA; __jda=122270672.638438084.1466471968.1466471968.1466471969.1; __jdb=122270672.3.638438084|1.1466471969; __jdc=122270672; __jdv=122270672|baidu-pinzhuan|t_288551095_baidupinzhuan|cpc|0f3d30c8dba7459bb52f2eb5eba8ac7d_0_c7b26f165b7244578699a85c684a55f1; thor=13DF58128E1C0435E8EC024B066F155FEF507191AD96C4E5D1E1D62F7DFE23BF84DFB096628DF965A2E501A5B6D99185CFDE55F66C10DC35972BBE7E65AC8406E7EF0077091A89B0749F87762659552B4615C38DAC135C369E1EC0E52B0720DC19AA7A33D318DED83C5A4B626A329A0B2D3C8CE11716E890255D6657C3B5E4BD; __jdu=638438084
页面展示
ajax 拉取数据
===============
有一个TrackId,我猜测这个Trackid是用户登录之后记录的,用来统计用户的访问轨迹
TrackID=146OJ_-nMkyfbaPrVgojWM9b3eYT36R8o9tbVxq_aArH40YJ7gY-Ip-bS_Mvd5SFVrokysuLG6UB5MTctgNM-GA
TrackID=146OJ_-nMkyfbaPrVgojWM9b3eYT36R8o9tbVxq_aArH40YJ7gY-Ip-bS_Mvd5SFVrokysuLG6UB5MTctgNM-GA;
=================================
top部分的复用
==================================
http://passport.jd.com/new/helloService.ashx 是可以请求的
Cookie:unpl=V2_ZzNtbURRS0Z3DhZULxwLUmIBQglKBxBCfVoTVy4fXFY3ARtZclRCFXIUR1NnGlwUZwIZXEJcQBRFCHZXchBYAWcCGllyBBNNIEwHDCRSBUE3XHxcFVUWF3RaTwEoSVoAYwtBDkZUFBYhW0IAKElVVTUFR21yVEIldQl2VHkRVQJgAhNZRWdzEkU4dlF%2fG1QEbjMTbUNnAUEpDEBVchtaSGcBGlRFUEIUcQ92VQ%3d%3d; alc=0S5UnYekCE0Ktf0L2MX7ZQ==; mp=%E9%A3%9E%E5%A4%9C%E6%A2%A6%E9%9B%AA; ol=1; _tp=j1dIy9aI%2BVFh5v6XwDjADcBmwvIo3UDRg8kscUE8au4JTwsvs7VJlvNwWTeGL5Mj; unick=%E9%A3%9E%E5%A4%9C%E6%A2%A6%E9%9B%AA; _pst=%E9%A3%9E%E5%A4%9C%E6%A2%A6%E9%9B%AA; TrackID=1uL0-U3bK1lDz304tAKixrlZGTVdEFxVM7gdlr7j7yQB_gxiq3AWcTG_7Lc3nbbGdUSZCqBdo8UXnz2XPd_Nx0w; pinId=Y6OgKhzy4XtkZcQXK_hVcQ; ceshi3.com=BrUbQ13nJeg2MnFpre9TLzk6FaSpEkTUFsiH0A35qeQ; pin=%E9%A3%9E%E5%A4%9C%E6%A2%A6%E9%9B%AA; alpin=%E9%A3%9E%E5%A4%9C%E6%A2%A6%E9%9B%AA; __jdv=122270672|baidu-pinzhuan|t_288551095_baidupinzhuan|cpc|0f3d30c8dba7459bb52f2eb5eba8ac7d_0_779b37a1e4ff43ae9abf9cd2d71ba385; thor=F7ABC65679950B29E5949CEB9811F2783EC5395D45BB767A1C1B14951B8192AD44012FF82CFA7F1618A4CD5DC37C8577C66584F4884473F471516351F790E4F6440C017E17195FE0E2CC359001CDEE2FA4E40D2CD9EF1E0A66F5D7544B190587070974BD7405606E5A284635E494604B09C80570A33D158A0D417B25D06F0F7A; __jda=122270672.1398660056.1466474502.1466474502.1466474503.1; __jdb=122270672.6.1398660056|1.1466474503; __jdc=122270672; __jdu=1398660056
---------------------------------
入参 签名 防止入参被随意修改
=======================================
分类: Web开发
点击(此处)折叠或打开
- <script type="text/javascript">
- (function ($) {
- $("#shortcut .menu").Jdropdown({ delay: 50 });
- var helloUrl = window.location.protocol + "//passport.360buy.com/new/helloService.ashx?m=ls";
- jQuery.ajax({ url: helloUrl,
- dataType: "jsonp",
- scriptCharset: "gb2312",
- success: function (a) {
- //if (a && a.info) { $("#loginbar").html(a.info); }
- if (a && a.sso) {
- $.each(a.sso, function () { $.getJSON(this) })
- }
- }
- });
- }
- )(jQuery);</script>
点击(此处)折叠或打开
- <script type="text/javascript">
- jQuery.getJSON("http://sso.360top.com" + "/exit?callback=?");
- jQuery.getJSON("http://sso.qianxun.com" + "/exit?callback=?");
- jQuery.getJSON("http://sso.ehaoyao.com" + "/exit?callback=?");
- jQuery.getJSON("http://sso.360buy.com" + "/exit?callback=?");
- jQuery.getJSON("http://sso.minitiao.com" + "/exit?callback=?");
- jQuery.getJSON("http://sso.jcloud.com" + "/exit?callback=?");
- </script>
==============================
https://passport.jd.com/uc/loginService?uuid=03444217-07a9-480f-b505-407888c8240d&ReturnUrl=http%3A%2F%2Fwww.jd.com
https请求,用抓包工具是无法得到请求内容的,但是可以用浏览器查看
此请求的返回值会set一堆的cookie
Connection:close
Content-Length:34
Date:Tue, 21 Jun 2016 05:42:49 GMT
Expires:Tue, 21 Jun 2016 05:42:49 GMT
P3P:CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma:no-cache
Server:JengineD/1.7.2.1
Set-Cookie:mp=%E9%A3%9E%E5%A4%9C%E6%A2%A6%E9%9B%AA; Expires=Thu, 21-Jul-2016 05:42:49 GMT; Path=/; HttpOnly;
Set-Cookie:thor=A61E3B2A8F27526A3605E2684E4C29B4091EC04BD652C3E98AFCFD791D10E4732CFB22B55DBB3FD66414FCCED7C303AA1741D1883F32E4F2547B1804B9BE3D1BBDCDE8E0E385E5BB1A3DC7DA21431DE69218BFD13D4F13F6BBE781B1A6CFEEBA664514B6619FE154082BA0B8CF6DD33C052EC8BCC574EA915B5B51E31653757F; Domain=.jd.com; Expires=Wed, 21-Jun-2017 05:42:49 GMT; Path=/; HttpOnly;
Set-Cookie:ol=1; Path=/; HttpOnly;
Set-Cookie:_tp=j1dIy9aI%2BVFh5v6XwDjADcBmwvIo3UDRg8kscUE8au4JTwsvs7VJlvNwWTeGL5Mj; Domain=.jd.com; Expires=Thu, 21-Jul-2016 05:42:49 GMT; Path=/;
Set-Cookie:logining=1; Domain=.jd.com; Path=/;
Set-Cookie:unick=%E9%A3%9E%E5%A4%9C%E6%A2%A6%E9%9B%AA; Domain=.jd.com; Expires=Thu, 21-Jul-2016 05:42:49 GMT; Path=/; HttpOnly;
Set-Cookie:_pst=%E9%A3%9E%E5%A4%9C%E6%A2%A6%E9%9B%AA; Domain=.jd.com; Expires=Thu, 21-Jul-2016 05:42:49 GMT; Path=/; HttpOnly;
Set-Cookie:TrackID=1jPlmRhmscMlPiYwhWQPFmnE20jkCnZVlDI_EtsXAq-mKMeb4twHfWOcY0J3Jib9V4tMbmBlU-GNQoeURmNUygQ; Domain=.jd.com; Expires=Sun, 20-Jun-2021 05:42:49 GMT; Path=/;
Set-Cookie:pinId=Y6OgKhzy4XtkZcQXK_hVcQ; Domain=.jd.com; Expires=Wed, 21-Jun-2017 05:42:49 GMT; Path=/;
Set-Cookie:ceshi3.com=BrUbQ13nJeg2MnFpre9TLzk6FaSpEkTUFsiH0A35qeQ; Domain=.jd.com; Path=/; HttpOnly;
Set-Cookie:pin=%E9%A3%9E%E5%A4%9C%E6%A2%A6%E9%9B%AA; Domain=.jd.com; Expires=Thu, 21-Jul-2016 05:42:49 GMT; Path=/;
Set-Cookie:_ntnDTIJ=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/
version:sdk-version