惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

WordPress大学
WordPress大学
D
Darknet – Hacking Tools, Hacker News & Cyber Security
Hacker News: Ask HN
Hacker News: Ask HN
N
News and Events Feed by Topic
Forbes - Security
Forbes - Security
The Last Watchdog
The Last Watchdog
TaoSecurity Blog
TaoSecurity Blog
Schneier on Security
Schneier on Security
SecWiki News
SecWiki News
V
Vulnerabilities – Threatpost
Project Zero
Project Zero
O
OpenAI News
W
WeLiveSecurity
Security Archives - TechRepublic
Security Archives - TechRepublic
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
H
Hacker News: Front Page
Cisco Talos Blog
Cisco Talos Blog
Spread Privacy
Spread Privacy
Help Net Security
Help Net Security
P
Privacy & Cybersecurity Law Blog
K
Kaspersky official blog
S
Security @ Cisco Blogs
Latest news
Latest news
AWS News Blog
AWS News Blog
U
Unit 42
Martin Fowler
Martin Fowler
阮一峰的网络日志
阮一峰的网络日志
S
Secure Thoughts
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
Application and Cybersecurity Blog
Application and Cybersecurity Blog
Know Your Adversary
Know Your Adversary
Scott Helme
Scott Helme
博客园 - 司徒正美
B
Blog RSS Feed
C
Check Point Blog
Hacker News - Newest:
Hacker News - Newest: "LLM"
D
Docker
Google Online Security Blog
Google Online Security Blog
Jina AI
Jina AI
aimingoo的专栏
aimingoo的专栏
Recent Commits to openclaw:main
Recent Commits to openclaw:main
Last Week in AI
Last Week in AI
月光博客
月光博客
C
CXSECURITY Database RSS Feed - CXSecurity.com
S
SegmentFault 最新的问题
NISL@THU
NISL@THU
T
The Blog of Author Tim Ferriss
C
Cisco Blogs
Attack and Defense Labs
Attack and Defense Labs
小众软件
小众软件

博客园 - 郎中令

锦衣夜行,AI乐园 Redis实战:用缓存为数据库减负(二) Redis初体验: 搭建与简单应用(一) .Net Core的SwaggerUI接口分类+固定路由 真实性编码:配置NLog日志+Seq分布式 防御性编码:手搓NLog日志+Seq分布式 对接Java所谓的DES加解密 人大金仓数据库转换 人大金仓踩坑指南 RSA加解密笔记 .NetCore打包部署(DLL) 字典映射处理 SM4算法快速预览与Framework4.5版本对接 简易首页防暴力-字典计时器 vite运行打包前端-部署Linux 记一次线上数据库异常的协助排查 降本增笑:记一次首页并发白屏优化过程 solr 基础介绍以及踩坑日记 动态展示缩放背景图
HTTPS请求笔记- SSL安全通道验证问题
郎中令 · 2024-07-19 · via 博客园 - 郎中令

一直以来,遇到的POST接口请求都是 键值对的json格式,最近对接了不少公安,发现body 的请求体都是直接放置字符串,虽然postman 中会报红,但是仍然可请求成功

            using (HttpClientHandler handle = new HttpClientHandler())
            using (HttpClient httpClient = new HttpClient(handle))
            {
                HttpRequestMessage httpRequestMessage = new HttpRequestMessage(HttpMethod.Post, url);
                string appKey = "xxxx";
                //构造签名相关
                string timeStamp = "";
                string sign = GetSign(ref timeStamp, appKey);
                httpRequestMessage.Headers.Add("sign", sign);
                httpRequestMessage.Headers.Add("参数1", timeStamp);
                httpRequestMessage.Headers.Add("参数2", "xxxx");

                //var requestData = new { sign = args };  取消键值对,直接放body值 
                StringContent content = new StringContent(args, Encoding.UTF8, "application/json");
                httpRequestMessage.Content = content;
                var httpResponseMessage = httpClient.SendAsync(httpRequestMessage);
                string result = httpResponseMessage.Result.Content.ReadAsStringAsync().Result;
                return JsonConvert.DeserializeObject<dynamic>(result);
            }

在通过 https 请求时,有时候会遇到过安全验证问题,比如什么SSL, TLS啥的, 不得不说AI确实方便,一键输入,直接对话出结果,虽然时常不怎么靠谱,但是也提供了很多好思路,很适合比较社交恐惧的马龙, 需要设置一下证书回调,安全协议

           
            if (url.StartsWith("https"))
            {
//设置证书,设置安全协议, 低版本二选一 ServicePointManager.SecurityProtocol
= SecurityProtocolType.Tls;
ServicePointManager.SecurityProtocol = (SecurityProtocolType)192 | (SecurityProtocolType)768 | (SecurityProtocolType)3072;
//锦绣
ServicePointManager.ServerCertificateValidationCallback =
ValidateServerCertificate; } using (HttpClientHandler handle = new HttpClientHandler()) using (HttpClient httpClient = new HttpClient(handle)) { HttpRequestMessage httpRequestMessage = new HttpRequestMessage(HttpMethod.Post, url); string appKey = "xxxx"; //构造签名相关 string timeStamp = ""; string sign = GetSign(ref timeStamp, appKey); httpRequestMessage.Headers.Add("sign", sign); httpRequestMessage.Headers.Add("参数1", timeStamp); httpRequestMessage.Headers.Add("参数2", "xxxx"); //var requestData = new { sign = args }; 取消键值对,直接放body值 StringContent content = new StringContent(args, Encoding.UTF8, "application/json"); httpRequestMessage.Content = content; var httpResponseMessage = httpClient.SendAsync(httpRequestMessage); string result = httpResponseMessage.Result.Content.ReadAsStringAsync().Result; return JsonConvert.DeserializeObject<dynamic>(result); }

回调方法的实现

        private bool ValidateServerCertificate(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
        {
            return true;
        }