wireshark分析post请求
138 70.501843606 127.0.0.1 127.0.0.1 HTTP 114 POST /Testapi/info/getPortinfo HTTP/1.1(text/plain) (text/plain) (text/plain) (text/plain)Frame 138: 114 bytes on wire (912 bits), 114 bytes captured (912 bits) on interface 0
Ethernet II, Src: 00:00:00_00:00:00 (00:00:00:00:00:00), Dst: 00:00:00_00:00:00 (00:00:00:00:00:00)
Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1
Transmission Control Protocol, Src Port: 43854 (43854), Dst Port: 9199 (9199), Seq: 1112, Ack: 1, Len: 48
Source Port: 43854
Destination Port: 9199
Sequence number: 1112 (relative sequence number)
Acknowledgment number: 1 (relative ack number)
Header Length: 32 bytes
Flags: 0x018 (PSH, ACK)
Window size value: 342
Checksum: 0xfe58
Urgent pointer: 0
Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
TCP segment data (48 bytes)
Hypertext Transfer Protocol
POST /Testapi/info/getPortinfo HTTP/1.1\r\n
Request Method: POST
Request URI: /Testapi/info/getPortinfo
Request Version: HTTP/1.1
Content-Length: 867\r\n
Content-Type: multipart/form-data; boundary=vdY2kQHa9tkdRw5pGP6IlyxkLEpKkwwwiFf0p_hg\r\n
Host: localhost:9199\r\n
Connection: Keep-Alive\r\n
User-Agent: Apache-HttpClient/4.5.1 (Java/1.8.0_121)\r\n
Accept-Encoding: gzip,deflate\r\n
\r\n
MIME Multipart Media Encapsulation, Type: multipart/form-data, Boundary: "vdY2kQHa9tkdRw5pGP6IlyxkLEpKkwwwiFf0p_hg"
First boundary: --vdY2kQHa9tkdRw5pGP6IlyxkLEpKkwwwiFf0p_hg\r\n
Encapsulated multipart part:(text/plain)
Boundary: \r\n--vdY2kQHa9tkdRw5pGP6IlyxkLEpKkwwwiFf0p_hg\r\n
Encapsulated multipart part:(text/plain)
Boundary: \r\n--vdY2kQHa9tkdRw5pGP6IlyxkLEpKkwwwiFf0p_hg\r\n
Encapsulated multipart part:(text/plain)
Content-Disposition: form-data; name="jsonBody"\r\n
Content-Type: text/plain; charset=UTF-8\r\n
Content-Transfer-Encoding: 8bit\r\n\r\n
Line-based text data: text/plain
{"reqDatas":[{"reqData": "\345\207\244\345\207\260","city": "\344\270\211\344\272\232"}],"type": "airport"}
Boundary: \r\n--vdY2kQHa9tkdRw5pGP6IlyxkLEpKkwwwiFf0p_hg\r\n
Encapsulated multipart part:(text/plain)
Last boundary: \r\n--vdY2kQHa9tkdRw5pGP6IlyxkLEpKkwwwiFf0p_hg--\r\n
multipart/form-data详细介绍
1.什么是Multipart/form-data?
Multipart/form-data是上传文件的一种方式。
Multipart/form-data其实就是浏览器用表单上传文件的方式。最常见的情境是:在写邮件时,向邮件后添加附件,附件通常使用表单添加,也就是用multipart/form-data格式上传到服务器。
2.上传具体的步骤:
首先,客户端和服务器建立连接(TCP协议)。
第二,客户端可以向服务器端发送数据。因为上传文件实质上也是向服务器端发送请求。
第三,客户端按照符合“multipart/form-data”的格式向服务器端发送数据。(这一点非常重要)。
3.关于Multipart/form-data的格式
1)概述
其实关于Multipart/form-data的格式有多重不同的表示方法,但是我认为最权威的一种说法如下:
First, there are some basics you need to understand about multipart/formdata posts. Each part consists of at least a NAME and a CONTENTS part. If the part is made for file upload, there are also a stored CONTENT-TYPE and a FILENAME. Below, we'll discuss what options you use to set these properties in the parts you want to add to your post.
首先,你需要理解一些关于multipart/formdata post的一些基础知识。每一个part包含至少一个NAME和一个CONTENT部分。如果这个part用来上传文件,那么也可以有CONTENT-TYPE和FILENAME这些信息。(from http://curl.haxx.se/libcurl/c/curl_formadd.html)
wireshark来抓包NameContent
MIME Multipart Media Encapsulation, Type: multipart/form-data, Boundary: "vdY2kQHa9tkdRw5pGP6IlyxkLEpKkwwwiFf0p_hg"
First boundary: --vdY2kQHa9tkdRw5pGP6IlyxkLEpKkwwwiFf0p_hg\r\n
Encapsulated multipart part:(text/plain)
Content-Disposition: form-data; name="auth"\r\n
Content-Type: text/plain; charset=UTF-8\r\n
Content-Transfer-Encoding: 8bit\r\n\r\n
Line-based text data: text/plain
f7abcfdf12361389
Boundary: \r\n--vdY2kQHa9tkdRw5pGP6IlyxkLEpKkwwwiFf0p_hg\r\n
Encapsulated multipart part:(text/plain)
Content-Disposition: form-data; name="sig"\r\n
Content-Type: text/plain; charset=UTF-8\r\n
Content-Transfer-Encoding: 8bit\r\n\r\n
Line-based text data: text/plain
dc1234a401cfdad847a40123c050b3efffa6bf47
Boundary: \r\n--vdY2kQHa9tkdRw5pGP6IlyxkLEpKkwwwiFf0p_hg\r\n
Encapsulated multipart part:(text/plain)
Content-Disposition: form-data; name="jsonBody"\r\n
Content-Type: text/plain; charset=UTF-8\r\n
Content-Transfer-Encoding: 8bit\r\n\r\n
Line-based text data: text/plain
{"reqDatas":[{"reqData": "\345\207\244\345\207\260","city": "\344\270\211\344\272\232"}],"type": "aport"}
Boundary: \r\n--vdY2kQHa9tkdRw5pGP6IlyxkLEpKkwwwiFf0p_hg\r\n
Encapsulated multipart part:(text/plain)
Content-Disposition: form-data; name="time"\r\n
Content-Type: text/plain; charset=UTF-8\r\n
Content-Transfer-Encoding: 8bit\r\n\r\n
Line-based text data: text/plain
1493349038027
Last boundary: \r\n--vdY2kQHa9tkdRw5pGP6IlyxkLEpKkwwwiFf0p_hg--\r\n
详细介绍:
首先:介绍wireshark中字段与Multipart/form-data的对应关系:
MIME Multipart Media Encapsulation:代表整个Multipart/form-data上传文件中的数据。
Encapsulated multipart part:代表表单中不同部分的数据。
Boundary:用来隔开表单中不同部分的数据。
其次,详细介绍:
1) MIME Multipart Media Encapsulation ,Type:multipart/form-data,Boundary:“----------vdY2kQHa9tkdRw5pGP6IlyxkLEpKkwwwiFf0p_hg”
这行指出这个请求是multipart/form-data格式的,且boundary是“----------vdY2kQHa9tkdRw5pGP6IlyxkLEpKkwwwiFf0p_hg”这个字符串。
2)关于Boundary:Boundary:用来隔开表单中不同部分的数据。实际上,每部分数据的开头都是由“--”+boundary开始的(这是MIME标准中讲述的标准内容)。
3)Encapsulated multipart part:紧跟着boundary的是该部分数据的描述:
Content-Dispostion:form-data;name="Filename"\r\n
每一个part至少一个name和一个content部分。
页:
[1]