golang请求非安全http

最新推荐文章于 2025-03-30 11:46:55 发布

樛木南雨

最新推荐文章于 2025-03-30 11:46:55 发布

阅读量827

点赞数 1

分类专栏： golang 文章标签： golang https http tls

本文链接：https://blog.youkuaiyun.com/u013774469/article/details/79546877

版权

golang 专栏收录该内容

2 篇文章

订阅专栏

通常情况下，我们可以简单使用Golang的`net/http`包进行http或https的请求。例如如下代码所示：

package main

import (
        "net/http"
        "time"
        "strings"
        "io/ioutil"
        "errors"
        "fmt"
)

func http_do(url string, method string, body string, header map[string]string) ([]byte, error) {
        // parameter check
        if url == "" || method == "" {
                return []byte{}, errors.New("param is invald")
        }
        // make the http client
        http_client := &http.Client{Timeout: 20 * time.Second}
        // make the request
        req, err := http.NewRequest(method, url, strings.NewReader(body))
        if err != nil {
                return nil, err
        }
        if header != nil {
                for key, val := range header {
                        req.Header.Add(key, val)
                }
        }
        // do a request
        resp, err := http_client.Do(req)
        if err != nil {
                return nil, err
        }

        defer resp.Body.Close()
        return ioutil.ReadAll(resp.Body)
}

func main() {
        url := "https://www.baidu.com"
        result, err := http_do(url,"GET","",nil)
        fmt.Printf("response:\n%v\nerror:\n%v\n", string(result), err)
}

运行以上代码，通常能正确的返回结果，除非你的计算机网络存在异常。但是对于我们自搭建的https后台，我们仍通过以上代码逻辑去访问的话，将有可能发生错误。例如，我们通过如下代码访问我们自建的F5服务将会发生错误：

package main

import (
        "net/http"
        "time"
        "strings"
        "io/ioutil"
        "errors"
        "fmt"
        "encoding/base64"
)

func http_do(url string, method string, body string, header map[string]string) ([]byte, error) {
        // parameter check
        if url == "" || method == "" {
                return []byte{}, errors.New("param is invald")
        }
        // make the http client
        http_client := &http.Client{Timeout: 20 * time.Second}
        // make the request
        req, err := http.NewRequest(method, url, strings.NewReader(body))
        if err != nil {
                return nil, err
        }
        if header != nil {
                for key, val := range header {
                        req.Header.Add(key, val)
                }
        }
        // do a request
        resp, err := http_client.Do(req)
        if err != nil {
                return nil, err
        }

        defer resp.Body.Close()
        return ioutil.ReadAll(resp.Body)
}

func main() {
        user   := "admin"
        passwd := "admin"
        auth_token := "Basic "
        auth_token += base64.StdEncoding.EncodeToString([]byte(user + ":" + passwd))
        url := "https://localhost/mgmt/tm/ltm/pool"
        header := map[string]string{"Authorization":auth_token}
        result, err := http_do(url,"GET","",header)
        fmt.Printf("response:\n%v\nerror:\n%v\n", string(result), err)
}

运行以上代码将得到错误信息：

Get https://localhost/mgmt/tm/ltm/pool: x509: cannot validate certificate for localhost because it doesn't contain any IP SANs

这是因为无法验证证书导致的错误，那么我们怎么访问这种非安全https请求呢？只需要在创建http client的时候，配置 `InsecureSkipVerify` 为 `true` 即可。完整代码如下：

package main

import (
        "net/http"
        "time"
        "strings"
        "io/ioutil"
        "errors"
        "fmt"
        "encoding/base64"
        "crypto/tls"
)

func http_do(url string, method string, body string, header map[string]string) ([]byte, error) {
        // parameter check
        if url == "" || method == "" {
                return []byte{}, errors.New("param is invald")
        }
        // make the http client
        tr := &http.Transport{
                TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
        }
        http_client := &http.Client{Timeout: 20 * time.Second, Transport: tr}
        // make the request
        req, err := http.NewRequest(method, url, strings.NewReader(body))
        if err != nil {
                return nil, err
        }
        if header != nil {
                for key, val := range header {
                        req.Header.Add(key, val)
                }
        }
        // do a request
        resp, err := http_client.Do(req)
        if err != nil {
                return nil, err
        }

        defer resp.Body.Close()
        return ioutil.ReadAll(resp.Body)
}

func main() {
        user   := "admin"
        passwd := "admin"
        auth_token := "Basic "
        auth_token += base64.StdEncoding.EncodeToString([]byte(user + ":" + passwd))
        url := "https://localhost/mgmt/tm/ltm/pool"
        header := map[string]string{"Authorization":auth_token}
        result, err := http_do(url,"GET","",header)
        fmt.Printf("response:\n%v\nerror:\n%v\n", string(result), err)
}