Python 如何从我的 Flask 应用程序向另一个站点发送 GET 请求?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/15463004/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How can I send a GET request from my flask app to another site?
提问by user1639431
Originally, I tried to post an ajax request from my client side to a third party url, but it seems that the browser have security issues with that. I thought about sending an ajax to the server side, from there to send a GET request to the third party, get the response and send it back to the client side. How can I do that with flask?
最初,我尝试将客户端的 ajax 请求发布到第三方 url,但浏览器似乎存在安全问题。我想过向服务器端发送一个ajax,从那里向第三方发送GET请求,获取响应并将其发送回客户端。我怎么能用烧瓶做到这一点?
采纳答案by Jon Clements
Install the requestsmodule (much nicer than using urllib2) and then define a route which makes the necessary request - something like:
安装requests模块(比 using 好得多urllib2),然后定义一个发出必要请求的路由 - 类似于:
import requests
from flask import Flask
app = Flask(__name__)
@app.route('/some-url')
def get_data():
return requests.get('http://example.com').content
Depending on your set up though, it'd be better to configure your webserver to reverse proxy to the target site under a certain URL.
不过,根据您的设置,最好将您的网络服务器配置为在某个 URL 下反向代理到目标站点。
回答by Martin Atkins
Flask alone does not have this capability, but it is a simple matter to write a request handler that makes a request to another server using an HTTP client library and then return that response.
Flask 本身没有这种能力,但编写一个请求处理程序,使用 HTTP 客户端库向另一台服务器发出请求,然后返回该响应是一件很简单的事情。
# third-party HTTP client library
import requests
# assume that "app" below is your flask app, and that
# "Response" is imported from flask.
@app.route("/proxy-example")
def proxy_example():
r = requests.get("http://example.com/other-endpoint")
return Response(
r.text
status=r.status_code,
content_type=r.headers['content-type'],
)
However, this will not achieve exactly the same result as you might expect from a client-side request. Since your server cannot "see" any cookies that the client browser has stored for the target site, your proxied request will be effectively anonymous and so, depending on the target site, may fail or give you a different response than you'd get requesting that resource in the browser.
但是,这不会获得与您对客户端请求所期望的完全相同的结果。由于您的服务器无法“看到”客户端浏览器为目标站点存储的任何 cookie,因此您的代理请求实际上是匿名的,因此,根据目标站点的不同,可能会失败或给出与您请求不同的响应浏览器中的资源。
If you have a relationship with the third-party URL (that is, if you control it or are able to work with the people who do) they can give access for cross-domain requests in the browser using CORS(which is only supported in modern browsers) or JSON-P(an older workaround that predates CORS).
如果您与第三方 URL 有关系(也就是说,如果您控制它或能够与这样做的人一起工作),他们可以使用CORS授予浏览器中跨域请求的访问权限(仅在现代浏览器)或JSON-P(一种早于 CORS 的旧解决方法)。
The third-party provider could also give you access to the data you want at an endpoint that is designed to accept requests from other servers and that provides a mechanism for you to authenticate your app. The most popular protocol for this is OAuth.
第三方提供程序还可以让您在一个端点访问所需的数据,该端点旨在接受来自其他服务器的请求,并为您提供一种机制来验证您的应用程序。最流行的协议是OAuth。
回答by PoLoMoTo
As the other answers have stated using the requests module for python would be the best way to tackle this from the coding perspective. However as the comments mentioned (and the reason I came to this question) this can give an error that the request was denied. This error is likely cause by SELinux.
正如其他答案所述,使用 Python 的请求模块将是从编码角度解决此问题的最佳方法。然而,正如提到的评论(以及我提出这个问题的原因),这可能会导致请求被拒绝的错误。这个错误很可能是由 SELinux 引起的。
To check if this is the issue first make sure SELinux is enabled with this command:
要检查这是否是问题,请首先确保使用以下命令启用 SELinux:
sestatus
If 'Current Mode' is 'enforcing' then SELinux is enabled.
如果“当前模式”为“强制”,则启用 SELinux。
Next get the current bool values that apply directly to apache with this command:
接下来使用以下命令获取直接应用于 apache 的当前 bool 值:
getsebool -a | grep httpd
Look for the setting 'httpd_can_network_connect' this determines if apache is allowed to make TCP requests out to the network. If it is on then all apache TCP requests will be allowed. To turn it on run the following as root:
查找设置 'httpd_can_network_connect' 这确定是否允许 apache 向网络发出 TCP 请求。如果打开,则将允许所有 apache TCP 请求。要打开它,请以 root 身份运行以下命令:
setsebool -P httpd_can_network_connect 1
If you only need database access (I had this problem before which is why I suspected SELinux here) then it would probably be better to only turn on 'httpd_cna_network_connect'.
如果您只需要访问数据库(我之前遇到过这个问题,这就是我在这里怀疑 SELinux 的原因),那么最好只打开“httpd_cna_network_connect”。
The purpose of this policy is that if a hacker was to hiHyman your apache server they would not be able to get out through the server to the rest of your internal network.
此策略的目的是,如果黑客要劫持您的 apache 服务器,他们将无法通过服务器进入您内部网络的其余部分。
This probably would've been better as a comment but I don't have enough rep..
作为评论,这可能会更好,但我没有足够的代表..
Sources: https://tag1consulting.com/blog/stop-disabling-selinuxhttps://wiki.centos.org/TipsAndTricks/SelinuxBooleans
资料来源:https: //tag1consulting.com/blog/stop-disabling-selinux https://wiki.centos.org/TipsAndTricks/SelinuxBooleans
