码迷,mamicode.com
首页 > 其他好文 > 详细

美团外卖商家获取订单-signToken取值

时间:2017-05-31 10:19:42      阅读:1374      评论:0      收藏:0      [点我收藏+]

标签:origin   rem   fmm   stat   inf   yii   dex   shm   rc4   

所需工具:

  • findller
  • chrome

获取外卖历史订单地址为:

http://e.waimai.meituan.com/v2/order/history/r/query?getNewVo=1&wmOrderPayType=2&wmOrderStatus=-2&sortField=1&startDate=2017-05-30&endDate=2017-05-30&lastLabel=&nextLabel=&signToken=05StD%7BKnLehoTpdt%3BjdsaJIg3tMxPAH%5B%40Mn%40luuu4hmFQeD%60Hu7Ie%3Bnd%7BFWr%60pNUD2KnwqI7cUOGZlM%3BSEuvA%60FmNLtujpdz%60AX-a%3B4o-uk)MKl3%7B5dXjUENrzN4rf1XDumEGM%60Vzws0)cA0%3A3RVHe%3F%3F&_token=eJx90FtvolAQAOD%252FwqtEzo2byT6g1iqpFi9QpekDwikcrFAPqGCz%252F32PrJL1ZQnJfBmGmcn8SHwSST0IxKPLUlkIE1ODqgaRAaFIhf%252FmMMS6yG25N5R67xBqmqwh9HHNLETiHWKR0TXjQ74RCyIi3mvNRJRISVl%252B9xSFds8B2wesu6esPAZZN8z3ygkpOY8oVxJWlDmvJfm%252F5ZJoul9dm6qQyJBAUa9CLENstjJaaY2QEG4EhcBVwJAhUls1X8Ux7tKEms5AfRC4CzbTAHlQMxfgB%252Bmtml0AagUf9HcXcBMxzVZiP0gaaa1wK3CXobfC9391rZkhTra7nkzE4BbLWyxYnEk9idpVlILyFO%252BsjeV0XvrVxLGH1dDdTdhgOXATfTOwKRrxz8JbeGnu5HyQmfTlyyT7qRb5VvhEybGfsz23Gcs4K%252BfWBVmHPqDea7EgMdeSsJ4PYE3rEDg1mb88ueF5aKrBxh5bgZGMLkfDnZ7cYHYpHY5jpMxY5kdPkwkx5%252BNtZ%252BjlW4sV1heNYzNIYZYEq2f%252Fkzn87bVGGYSHMb5Uqun3s9oLy8ErDXS63L2BacFZAfR0Napm6y0dZdGUTDuH2Vt2TM2td1gbxtI1o5G3Pq3wNF7aQ38%252B9jvpeUNG1cLJlCrIPt15BVKkq9t17X5fknNleRf%252FGcI%252BsDfr8vxL%252Bv0HGsLkRQ%253D%253D

里面有一个signToken,我们该如何获取signToken的值呢?

用chrome访问http://e.waimai.meituan.com/v2/order/history 这个页面后,发现有一个

http://e.waimai.meituan.com/static/59229326/js/page/order/history.js 比较可疑,

于是拿出来分析,通过查询发现里面有signToken

经过分析,得到大概是下面这段js代码

define(‘module/ajax_util‘,["module/interface"],function(e){var r=jQuery.ajax,t=$(".J-csrf-token"),n=$(".J-sign-token"),a=t.val(),o=n.val(),d=[e.order.getNewOrderFromInterval,e.order.queryProcessedOrderList,e.order.queryHisOrderList];t.remove(),n.remove();var i=function(r){return r&&r.indexOf(e.order.queryHisOrderList)>-1?100007:r&&r.indexOf(e.order.recipientPhone)>-1?100008:r&&r.indexOf(e.order.getPrintOrderInfo)>-1?100009:null},u=location.origin,s=function(e){var r=[];for(var t in e)r.push(t+"="+e[t]);return r.join("&")},f=function(e,r){for(var t=0,n=e.length;n>t;t++)if(r&&-1!==r.indexOf(e[t]))return!0},c=function(e){
    if(e){
        for(var r="",t=0,n=e.length;n>t;t++)
            r+=String.fromCharCode(2^e.charCodeAt(t));
        return r
    }return""
},l=c(o);

$.ajax=function(e){e.type&&"post"===e.type.toLowerCase()&&(e.data&&"function"==typeof e.data.append?e.data.append("csrfToken",a):e.data=$.extend(e.data||{},{csrfToken:a}))
,f(d,e.url)&&(e.data&&"function"==typeof e.data.append?e.data.append("signToken",l):e.data=$.extend(e.data||{},{signToken:l}));
var t=function(e,r,t){};e.success&&jQuery.isFunction(e.success)&&(t=e.success),e.success=function(e,r,n){4001===e.code?alert(e.msg):4002===e.code?top.location.reload():1017===e.code?alert(e.msg):t(e,r,n)};var n=function(e,r,t){};"function"==typeof e.error&&(n=e.error),e.error=function(r,t,a){n(r,t,a);({eventTime:Math.floor((new Date).getTime()/1e3),responseCode:r.status,url:e.url,param:e.data,msg:t})};
var o=i(e.url);if(o){Rohr_Opt.Flag=o;var c=s(e.data?e.data:{});Rohr_Opt.reload(u+e.url+(c?(e.url.indexOf("?")>-1?"&":"?")+c:"")),e.data?e.data._token=rohrdata:e.data={_token:rohrdata}
}return r(e)
}
});

signToken的取值:

1.获取http://e.waimai.meituan.com/v2/order/history 页面隐藏表单域J-sign-token的值

<input type="hidden" class="J-sign-token" value="27QvFyIlNgjmVrfv9hfqcHKe1vOzRCJYBOlBnwww6joDSgFbJw5Kg9lfyDUpbrLWF0IlusK5aWMEXnO9QGwtCbDoLNvwhrfxbCZ/c96m/wi+OIn1y7fZhWGLpxL6pd3ZFwoGEObTxuq2+aC281PTJg=="/>

2.通过以下算法得到r的值,即为signToken

for(var r="",t=0,n=e.length;n>t;t++)
     r+=String.fromCharCode(2^e.charCodeAt(t));

 

美团外卖商家获取订单-signToken取值

标签:origin   rem   fmm   stat   inf   yii   dex   shm   rc4   

原文地址:http://www.cnblogs.com/bqh10086/p/6922134.html

(1)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!