How to Fix ByetHost\'s testcookie-nginx-module Blocking JSON Responses in Android Apps?

ByetHost server returning HTML values with JSON String

Problem

While trying to parse JSON string to Android, HTML values are passed instead. Previously, the code worked well, but suddenly began crashing when fetching a database with the help of PHP files.

Upon checking, HTML values were observed in the logcat:

<html><body><h2>Checking your browser..</h2><script...

Cause

The main problem is that ByetHost implements a simple security anti-bots module named testcookie-nginx-module.

Solution

The testcookie-nginx-module performs a two-step validation:

1. On the first HTTP request, it returns a JavaScript instead of the expected JSON. This script executes on the client (typically a web browser) and generates a validation cookie containing an AES key.
2. The script adds the validation cookie to the document and redirects it to the URL we actually want to access. The testcookie-nginx-module validates the cookie AES key and lets the request hit the URL that will respond with the JSON data.

Solution for Android App

To bypass this validation in Android, follow these steps:

1. Get the cookie key from a web browser:

   • Use Google Chrome or another browser.
   • Visit the website and allow cookies.
   • Open the browser settings and navigate to "Content Settings" -> "All cookies and site data".
   • Search for your website name (e.g., "byethost").
   • Find the cookie named __test and copy the values of content, path, and expires.

   • Set the cookie on your Android app:

     • In your code that makes the HTTP request, add the following header:

       <code class="java">httpPost.addHeader("Cookie", "__test=<content-of-your-cookie>; expires=<expires>; path=<path>");</code>

   The above is the detailed content of How to Fix ByetHost\'s testcookie-nginx-module Blocking JSON Responses in Android Apps?. For more information, please follow other related articles on the PHP Chinese website!