[Bug] Fetching user dynamics has a high probability of triggering the 412 risk control #1012

@Admin-233


Python version: 3.11.4

Module version: 17.4.1

Runtime environment: Windows

Module path: bilibili_api.user

Interpreter: cpython

Network request library used: aiohttp

Error message:

Page:  1
Page:  2
Traceback (most recent call last):
  File "C:\Users\Admin_233\AppData\Roaming\Python\Python311\site-packages\bilibili_api\utils\sync.py", line 36, in sync
    asyncio.get_running_loop()
RuntimeError: no running event loop

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "C:\Users\Admin_233\Desktop\test\test.py", line 42, in <module>
    sync(main())
  File "C:\Users\Admin_233\AppData\Roaming\Python\Python311\site-packages\bilibili_api\utils\sync.py", line 38, in sync
    return __ensure_event_loop().run_until_complete(coroutine)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "C:\Program Files\Python311\Lib\asyncio\base_events.py", line 653, in run_until_complete
    return future.result()
           ^^^^^^^^^^^^^^^
  File "C:\Users\Admin_233\Desktop\test\test.py", line 21, in main
    page = await u.get_dynamics_new(offset)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "C:\Users\Admin_233\AppData\Roaming\Python\Python311\site-packages\bilibili_api\user.py", line 651, in get_dynamics_new
    await Api(**api, credential=self.credential).update_params(**params).result
  File "C:\Users\Admin_233\AppData\Roaming\Python\Python311\site-packages\bilibili_api\utils\network.py", line 2385, in result
    return await self.request()
           ^^^^^^^^^^^^^^^^^^^^
  File "C:\Users\Admin_233\AppData\Roaming\Python\Python311\site-packages\bilibili_api\utils\network.py", line 2377, in request
    raise e
  File "C:\Users\Admin_233\AppData\Roaming\Python\Python311\site-packages\bilibili_api\utils\network.py", line 2368, in request
    return await self._request(raw=raw, byte=byte)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "C:\Users\Admin_233\AppData\Roaming\Python\Python311\site-packages\bilibili_api\utils\network.py", line 2334, in _request
    ret = self._process_response(resp=resp, raw=raw)
          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "C:\Users\Admin_233\AppData\Roaming\Python\Python311\site-packages\bilibili_api\utils\network.py", line 2272, in _process_response
    raise NetworkException(resp.code, resp.utf8_text())
bilibili_api.exceptions.NetworkException.NetworkException: 网络错误,状态码:412 - <!DOCTYPE html>
<html lang="zh-cn">

<head>
    <meta http-equiv="Access-Control-Allow-Origin" content="*" />
    <meta http-equiv="Page-Enter" content="blendTrans(Duration=0.5)">
    <meta http-equiv="Page-Exit" content="blendTrans(Duration=0.5)">
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
    <meta name="viewport" content="width=device-width, user-scalable=no, initial-scale=1.0, maximum-scale=1.0, minimum-scale=1.0">
    <meta name="spm_prefix" content="333.937">
    <title>出错啦! - bilibili.com</title>
    <link rel="shortcut icon" href="//static.hdslb.com/images/favicon.ico">
    <script type="text/javascript" src="//s1.hdslb.com/bfs/static/jinkela/long/js/jquery/jquery1.7.2.min.js"></script>
    <style>
        body {
          margin: 0;
          padding: 0;
          width: 100vw;
          height: 100vh;
        }
       .error-container {
          height: 100%;
          width: 100%;
          display: flex;
          justify-content: center;
          align-items: center;
        }
        .captcha-content {
          text-align: center;
        }
        .txt-wrap {
          margin-top: 15px;
          font-size: 12px;
          line-height: 22px;
          color: #999;
          text-align: left;
        }
        .txt-item.err-code {
          font-size: 28px;
          font-weight: 700;
          text-align: center;
          color: #4c93ff;
          margin-top: 16px;
        }

        .captcha-img {
          width: 160px;
          height: 160px;
          margin: auto;
          background: url('https://i0.hdslb.com/bfs/static/jinkela/long/412/%E9%A1%B5%E9%9D%A2%E7%8A%B6%E6%80%81%E5%9B%BE.png') no-repeat center / cover;
        }
        .err-text {
          color: #03a9f4;
        }
        .err-default {
          font-size: 16px;
          margin-top: 10px;
        }
      </style>
</head>

<body>
    <noscript>
          <strong>抱歉!我们需要允许JavaScript才能够正常运行。请打开后重试~</strong>
          <strong>错误:412</strong>
      </noscript>
      <div class="error-container">
        <div class="captcha-content">
          <div class="captcha-img"></div>
          <div class="txt-item err-code">错误号: 412</div>
          <div class="txt-item err-text"></div>
          <div class="txt-item err-default">由于触发哔哩哔哩安全风控策略,该次访问请求被拒绝。
            <div class="txt-item">The request was rejected because of the bilibili security control policy.</div>
          </div>
          <div class="txt-wrap">
            <div class="txt-item datetime_now"></div>
            <div class="txt-item user_url"></div>
            <div class="txt-item user_ip"></div>
            <div class="txt-item user_id"></div>
          </div>
          <div class="check-input">
              <div class="title"></div>
              <div class="box-pic"></div>
              <div class="box"></div>
              <div class="state"></div>
          </div>
      </div>
    </div>
    <script type="text/javascript" charset="utf-8" src="//security.bilibili.com/static/js/sha256.min.js"></script>
    <script type="text/javascript" charset="utf-8" src="//security.bilibili.com/static/js/js.cookie.min.js"></script>
    <script type="text/javascript" charset="utf-8" src="//security.bilibili.com/static/js/412.js"></script>
</body>
</html>。

Code that triggers the error:

import json
import asyncio
from bilibili_api import user, sync

# Instantiate the user
u = user.User(546195)  # using 老番茄 as the example


async def main():
    # Records the starting point of the next request
    offset = ""

    # Stores all dynamics
    dynamics = []

    count = 0

    # Loop until has_more != 1
    while True:
        # Fetch this page of dynamics
        page = await u.get_dynamics_new(offset)

        dynamics.extend(page["items"])

        if page["has_more"] != 1:
            # No more dynamics, so leave the loop
            break

        # Set offset for the next iteration
        offset = page["offset"]

        count += 1
        print("Page: ", count)

        await asyncio.sleep(2)

    # Print the number of dynamics
    print(f"共有 {len(dynamics)} 条动态")


# Entry point
sync(main())

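Fetching user dynamics has a very high probability of triggering the 412 risk control, whether logged in or not, with the prompt “抱歉!我们需要允许JavaScript才能够正常运行。请打开后重试~” ("Sorry! We need JavaScript to be allowed in order to run properly. Please enable it and try again~"). Even with a delay added between each fetch, it is still hard to retrieve them.

This seems to be a restriction added within the last month; it was not there before.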
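Added example (not part of the original issue or of the bilibili_api project): a standalone classifier that tells the 412 risk-control HTML page shown in the traceback apart from a normal JSON API reply, so a pagination loop can stop instead of retrying into the block. `classify_response` is a hypothetical helper and the sample body is a constructed, trimmed copy of the page above.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample: trimmed copy of the 412 body from the traceback above.
SAMPLE_412_BODY = """<!DOCTYPE html>
<html lang="zh-cn"><head><title>出错啦! - bilibili.com</title></head>
<body>
<noscript><strong>错误:412</strong></noscript>
<div class="txt-item err-code">错误号: 412</div>
<div class="txt-item">The request was rejected because of the bilibili security control policy.</div>
<script src="//security.bilibili.com/static/js/sha256.min.js"></script>
<script src="//security.bilibili.com/static/js/412.js"></script>
</body></html>"""


class _BlockPageParser(HTMLParser):
    """Collects the signals that separate a risk-control page from API JSON."""

    def __init__(self):
        super().__init__()
        self.scripts, self.text, self.has_noscript = [], [], False

    def handle_starttag(self, tag, attrs):
        if tag == "script" and dict(attrs).get("src"):
            self.scripts.append(dict(attrs)["src"])
        elif tag == "noscript":
            self.has_noscript = True

    def handle_data(self, data):
        if data.strip():
            self.text.append(data.strip())


def classify_response(status: int, body: str) -> dict:
    """Return a verdict a pagination loop can act on (hypothetical helper)."""
    if body.lstrip().startswith("{"):
        return {"kind": "api_json", "challenge_scripts": [], "message": None}
    parser = _BlockPageParser()
    parser.feed(body)
    # Scripts served from the security host are what the page loads to run its check.
    challenge = [s for s in parser.scripts
                 if urlparse(s).netloc == "security.bilibili.com"]
    blocked = status == 412 and (bool(challenge) or parser.has_noscript)
    return {
        "kind": "risk_control_block" if blocked else "other_html",
        "challenge_scripts": challenge,
        "message": next((t for t in parser.text if "rejected" in t), None),
    }
```

A caller that gets `risk_control_block` should stop paginating and surface the message rather than sleep and retry.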


Labels: bug
