I am trying to collect data from the following URL: https://muskegon.policetocitizen.com/Inmates/Catalog.
This relies on a secondary POST to https://muskegon.policetocitizen.com/api/Inmates/3 using an X-XSRF-TOKEN (which appears to be just an XSRF token, available in cookies.
When I try to include the specified parameters and this token, my code is as follows:
import requests
from urllib.parse import urlencode
r = requests.Session()
res = r.get(url)
cookies = res.cookies
cross_ref_token = res.cookies.get("XSRF-TOKEN")
payload = {
"FilterOptionsParameters": {
"IntersectionSearch": "true",
"SearchText": "",
"Parameters": []
},
"IncludeCount": "true",
"PagingOptions": {
"SortOptions": [],
"Take": 10,
"Skip": 0
}
}
headers = {
"User-Agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36",
"X-XSRF-TOKEN": cross_ref_token,
"Content-Type": "application/json;charset=UTF-8",
"Accept": "application/json, text/plain, */*"
}
res = r.post(self.api_url, headers=headers, params=urlencode(payload), cookies=cookies)
Including the above, I'm still receiving a 500. Not sure if the problem is specifically failure to include the nested parameters, or another missing identifier?
Update
Is this potentially related to the nonce attribute of the content security policy?
No comments:
Post a Comment