This article is a mirror article of machine translation, please click here to jump to the original article.

Architect_Programmer_Code Agriculture Network»Architect Programming .Net/C # asp.net Alibaba Cloud Slider Verification Code Test [with Source Code]
View: 63308|Reply: 17

[ASP.NET] asp.net Alibaba Cloud Slider Verification Code Test [with Source Code]

[Copy link]
Posted on 4/2/2018 1:30:39 PM | | | |
Introduction to Alibaba Cloud Slider Verification:

Swipe verification is a verification code product that serves the front line of Alibaba's human-machine recognition. Users can pass verification without thinking by simply swiping right to interact.

Document link: https://help.aliyun.com/document_detail/66317.html

Product purchase link: https://yundun.console.aliyun.com/?p=afs#/person-machine



The general process of Alibaba Cloud slider verification code is as follows:

After the web page loads - > get the verification code - > the user slides the verification code - > obtain the csessionid and sig parameters from the Alibaba Cloud interface - > request it from our backend interface with csessionid, sig, nc_token, nc_login parameters - > get the parameters in the background to verify the > return to the front-end verification results

Renderings:



The html code is as follows:

The test.ashx interface code is as follows:

ip.ashx interface code:



When verifying in the background, there are 6 parameters,4 of the parameters are obtained from the foreground, and 2 parameters are filled in from the backgroundAs follows:



RemoteIp parameter, I have not found an explanation of this parameter from the official Alibaba Cloud documentation。。。。。 Literally, we can see that this parameter is the IP address of the requester...

web.config has a configuration:



When IsRemoteIp is true, I return the forged IP, which is 8.8.8.8, and if it is false, we return the real IP of the user, as shown in the figure below:



The test results, whether it is a fake request IP or a real requester IP, do not affect the verification results, which indicates that RemoteIP should have almost no effect on the verification results...

If the csessionid is forged, the verification will fail, and if the token is forged, the verification will also fail!

The following image shows the value of the forged token:



(End)

Source code download:

Tourists, if you want to see the hidden content of this post, pleaseReply





Previous:[Windows API] Code Assistant for C# Query API [with source code]
Next:Say goodbye to the Windows era! Microsoft disbanded its engineering team to focus on cloud services

Related Posts
Posted on 1/11/2019 11:45:01 AM |
Hello, Alibaba Cloud slider verification code has a need, how to contact you, I QQ 132.188.6153
Posted on 1/11/2019 11:27:48 AM |
I have been looking for information on this piece, hoping to study it
Posted on 7/25/2019 10:39:16 AM |
thanks
This Alibaba document is really a bit watery
Posted on 4/4/2018 2:13:44 PM |
Take a look
Posted on 1/7/2019 9:46:47 AM |
Thanks for sharing!
Posted on 1/11/2019 12:47:27 PM |
Learn to learn
Posted on 2/28/2019 5:12:10 PM |
Learned, thank you for sharing
Posted on 4/13/2019 4:05:13 PM |
Amazing, amazing, amazing, amazing
Posted on 4/15/2019 11:54:50 PM |
look look look
Posted on 4/16/2019 8:45:36 PM |
Learn it
Disclaimer:
All software, programming materials or articles published by Code Farmer Network are only for learning and research purposes; The above content shall not be used for commercial or illegal purposes, otherwise, users shall bear all consequences. The information on this site comes from the Internet, and copyright disputes have nothing to do with this site. You must completely delete the above content from your computer within 24 hours of downloading. If you like the program, please support genuine software, purchase registration, and get better genuine services. If there is any infringement, please contact us by email.
Mail To:help@itsvse.com