如何查看XMLHttp请求返回页面的内容?
I use Firefox, and there is a tool called Developer -> Web Console. It shows more information about GET/POST requests, which page we connected with XMLHttp, request headers and information like this. I'm sure there is a similar feature on Chrome too.
There is an AJAX call on a page and I have to see what it returns to the website. It is just a GET request and returns JSON. When I manually request that page (e.g ajax/view/my_purchases.php) it just shows a blank page, but when the website requests it with AJAX, I can see what content it returned in HTML.
Basically, What kind of tools I can use to see it? It can be a standalone application, Chrome or a Firefox extension. I'm okay with any.
我使用的是Firefox,还有一个名为Developer的工具 - > Web控制台。 它显示了有关GET / POST请求的更多信息,我们使用XMLHttp连接的页面,请求标头和此类信息。 我确信Chrome上也有类似的功能。 p>
页面上有一个AJAX调用,我必须看到它返回到网站的内容。 它只是一个GET请求并返回JSON。 当我手动请求该页面时(例如ajax / view / my_purchases.php)它只显示一个空白页面,但当网站用AJAX请求时,我可以看到它以HTML格式返回的内容。 p>
基本上,我可以使用哪种工具来查看它? 它可以是独立应用程序,Chrome或Firefox扩展程序。 我没关系。 p> div>
Firebug is the most used option. Net panel has "XHR" tab that you can use, and chrome tools were actually based on that.
on chrome you have the "network" tab, all requests and responses are there, also you can put a breakpoint in the "success" function and watch the response. p.s chrome has this console without any extentions
Using Firebug on Firefox -> Console Tab (maybe aktivate "show XMLHttpRequests")
Edit: nicer than on Chrome you can open the request directly in a new tab.
Using the 'Net' tab, you can view every single external request that the page is calling when it loads. Your AJAX request will be in here. One thing to look out for is any GET or POST data being sent to the external script.
Many scripts will only provide access to its main algorithm or data logic if it expects certain parameters. A very basic one might be:
<?php
if (!isset($_POST['submit'])) {
die;
}
// Rest of functionality...
This makes it harder for people to gain access to sensitive data. If your AJAX call is sending POST data, you probably won't gain access. And if you do, you'll be committing CSRF.