static async Task SendPostRequest()
{
// Create an instance of HttpClient
using (HttpClient client = new HttpClient())
{
// Specify the URL to which you want to send the POST request
//string url = "https://privatemessages.roblox.com/v1/messages/send";
string url = "https://auth.roblox.com/";
HttpClientHandler handler = new HttpClientHandler();
// Create a cookie container
handler.CookieContainer = new CookieContainer();
// Set the cookie for the specific website
Uri uri = new Uri("https://roblox.com");
handler.CookieContainer.Add(uri, new Cookie(".ROBLOSECURITY", "MY_SECURITY_COOKIE_HERE"));
client.DefaultRequestHeaders.Add("X-CSRF-TOKEN", "MY_TOKEN");
// ignore this
var postData = new FormUrlEncodedContent(new[]
{
new KeyValuePair<string, string>("userId", "2222602108"),
new KeyValuePair<string, string>("subject", "hey"),
new KeyValuePair<string, string>("body", "thank you for adding me as a friend"),
new KeyValuePair<string, string>("recipientId", "2222602108"),
new KeyValuePair<string, string>("replyMessageId", "0"),
new KeyValuePair<string, string>("includePreviousMessage", "false")
});
// Send the POST request
HttpResponseMessage response = await client.PostAsync(url, postData);
// Check if the request was successful
if (response.IsSuccessStatusCode)
{
// Read the response content as a string
string responseContent = await response.Content.ReadAsStringAsync();
// Output the response content
Console.WriteLine("Response:");
Console.WriteLine(responseContent);
}
else
{
// If the request was not successful, output the status code
Console.WriteLine($"Error: {response.StatusCode}");
Console.WriteLine("Response:");
string responseContent = await response.Content.ReadAsStringAsync();
Console.WriteLine(responseContent);
}
}
}
我正在尝试让 ROBLOX Web API 来验证来自 C# 的调用,
我有一个有效的安全 cookie 和 CSRF 令牌,但它似乎仍然不想对我进行身份验证。
我尝试在发送请求之前将 CSRF 令牌添加为 cookie 和标头。我还尝试过在几个不同的端点上进行身份验证。
@Yorick 对这个问题的回答非常有帮助。
事实证明,如果您从浏览器中抓取 CSRF 令牌来使用它将不起作用,您必须使用有效的 .ROBLOSECURITY cookie 向 https://auth.roblox.com/ 发送请求并使用标头中提供的 CSRF 令牌。这是我添加到上面的代码中以获得
x-csrf-token
。
HttpResponseMessage response = await client.PostAsync(url, postData);
if (response.Headers.TryGetValues("x-csrf-token", out var values))
{
csrfToken = string.Join(",", values);
Console.WriteLine("x-csrf-token recv: " + csrfToken);
}
这将获取响应中包含的所有标头,并设置要在应用程序中其他地方使用的
csrfToken
值。
希望这对遇到此问题的任何人都有帮助。