In many cases, the back-end for safety, there will be some restrictions on request headers, only a request for a head, to return the correct data. While this limits the number of malicious request data, but our clever programmers, it is useless. Here's an 极客时间example, by forging a request to talk about the head, to get 极客时间home key data. (No guarantee interfaces and security measures have been available Oh)
View geeks time data ports
If you are a front-end, this process may already know by heart, to find a port Denver, for analysis.
First, open the browser geeks time (I use chrome browser): https://time.geekbang.org/ and press F12 to open the browser console, came NetWorktab, then select the XHRtab, refresh the page at this time asynchronous data request will appear . We chose topList this interface to view it.
Copy URL: https: //time.geekbang.org/serv/v1/column/topList
We are with this interface as an example, to retrieve its data.
The request is invalid
Note that, at this time we do not set the request header, in order to demonstrate that we do not configure request header can not get the data, it will return an 451error.
451: That is illegal request, your request is not legitimate, pull off the server request, we have nothing to return to. code show as below:
import 'package:flutter/material.dart'; import 'package:dio/dio.dart'; class HomePage extends StatefulWidget { _HomePageState createState() => _HomePageState(); } class _HomePageState extends State<HomePage> { String showText='还没有请求数据'; @override Widget build(BuildContext context) { return Container( child: Scaffold( appBar: AppBar(title: Text('请求远程数据'),), body: SingleChildScrollView ( Child: the Column ( Children: <the Widget> [ RaisedButton ( onPressed: _jike, Child: the Text ( ' request data ' ), ), the Text (showText) ], ), ), ), ); } void _jike ( ) { Print ( ' start time of data request to the pole off ............ ' ); . getHttp () the then ((Val) { the setState (() { showText = Val [ 'data'].toString(); }); }); } Future getHttp()async{ try{ Response response; Dio dio = new Dio(); response =await dio.get("https://time.geekbang.org/serv/v1/column/topList"); print(response); return response.data; }catch(e){ return print(e); } } }
This time we run, click on the button to request data, the console will return to the current output of the ruthless exception message.
I/flutter ( 6942): DioError [DioErrorType.RESPONSE]: Http status error [451] E/flutter ( 6942): [ERROR:flutter/shell/common/shell.cc(184)] Dart Error: Unhandled exception:
Request header forgery
Create a new folder, named called config, and then create a file inside in httpHeaders.dart,the request header is set, you can easily get request headers Request Headers in the browser, it is necessary to transform the copy obtained.
const httpHeaders={ 'Accept': 'application/json, text/plain, */*', 'Accept-Encoding': 'gzip, deflate, br', 'Accept-Language': 'zh-CN,zh;q=0.9', 'Connection': 'keep-alive', 'Content-Type': 'application/json', 'Cookie': '_ga=GA1.2.676402787.1548321037; GCID=9d149c5-11cb3b3-80ad198-04b551d; _gid=GA1.2.359074521.1550799897; _gat=1; Hm_lvt_022f847c4e3acd44d4a2481d9187f1e6=1550106367,1550115714,1550123110,1550799897; SERVERID=1fa1f330efedec1559b3abbcb6e30f50|1550799909|1550799898; Hm_lpvt_022f847c4e3acd44d4a2481d9187f1e6=1550799907', 'Host': 'time.geekbang.org', 'Origin': 'https://time.geekbang.org', 'Referer': 'https://time.geekbang.org/', 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36' };
With the request header, the request header can be introduced, and is provided, this two main code.
import '../config/httpHeaders.dart'; dio.options.headers = httpHeaders;
Complete code is as follows:
import 'package:flutter/material.dart'; import 'package:dio/dio.dart'; import '../config/httpHeaders.dart'; class HomePage extends StatefulWidget { _HomePageState createState() => _HomePageState(); } class _HomePageState extends State<HomePage> { String showText='还没有请求数据'; @override Widget build(BuildContext context) { return Container( child: Scaffold( appbar: the AppBar (title: the Text ( ' );Requesting remote data ' ),), body: SingleChildScrollView ( Child: the Column ( Children: <the Widget> [ RaisedButton ( onPressed: _juejin, Child: the Text ( ' request data ' ), ), the Text (showText) ], ), ), ), ); } void _juejin () { Print ( ' start request data to the pole off time .................. ' . getHttp () the then ((Val) { the setState (() { showText=val['data'].toString(); }); }); } Future getHttp()async{ try{ Response response; Dio dio = new Dio(); dio.options.headers= httpHeaders; response =await dio.get("https://time.geekbang.org/serv/v1/column/topList"); print(response); return response.data; }catch(e){ return print(e); } } }
Now run the program you can get the normal data.
Summary: Dio learned how to get up data interface others, learned this is very useful by forging a request, since we want to make their own during practice Demo will not have to worry for the back-end interfaces. Of course, to see the interface method is relatively junior, we can use Fiddler to obtain such a dedicated software interface.