Eternal Night

There is no problem not worth solving, and no technology not worth learning!

After authorization of the WeChat public account, click the Continue to visit button to investigate and analyze

在微信公众帐号授权后,该网页可能不是由微信提供,微信无法确保内容的安全性,如果要继续访问,请注意保护好个人信息。点击 继续访问 按钮无反应。

Written by

永夜

in

, ,
Post Views: 71
1. Open the link in WeChat, and apply for the public account: get your nickname and avatar, and click the Allow button. as shown in Figure 1
在微信中打开链接,公众帐号申请获得:获取你的昵称、头像,点击 允许 按钮。
Figure 1
2. After the WeChat public account is authorized, the page may not be provided by WeChat, and WeChat cannot ensure the security of the content. If you want to continue to visit, please pay attention to protect your personal information. Click the Continue to access button and there is no response. as shown in Figure 2
在微信公众帐号授权后,该网页可能不是由微信提供,微信无法确保内容的安全性,如果要继续访问,请注意保护好个人信息。点击 继续访问 按钮无反应。
Figure 2
3. Check the settings of the public account, and the website authorizes the domain name, there is no problem. as shown in Figure 3
查看公众号设置,网页授权域名,是没有问题的。
Figure 3
4. Click on the upper right corner… to open it in the browser. as shown in Figure 4
点击右上角 ...,在浏览器中打开。
Figure 4
5. Click the Continue to visit button in the browser, and the security warning will pop up. There is a problem with the security certificate of this website. Click Continue. as shown in Figure 5
在浏览器中点击 继续访问 按钮,弹出安全警告 该网站的安全证书有问题。点击 继续。
Figure 5
6. The access in the browser is successful. as shown in Figure 6
在浏览器中访问成功。
Figure 6
7. Use WeChat to scan the QR code corresponding to the link. as shown in Figure 7
使用微信扫一扫链接所对应的二维码。
Figure 7
8. Open the blank after finding the code. But there is a corresponding request log in the nginx log. as shown in Figure 8
发现扫码后打开空白。但是 Nginx 日志中有相应的请求日志。
8
9. But there is a corresponding request log in the nginx log. The request URL is the value of redirect_uri. The response status code is 500. as shown in Figure 9
但是 Nginx 日志中有相应的请求日志。请求网址为 redirect_uri 的值。响应状态码为 500。
Figure 9


{"request":{"headers":{"referer":"-","host":"morefun.webtv.xxx.cn","x-request-id":"8f7867eafed70458126b8451fa701860","x-forwarded-for":"101.207.139.251","user-agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36"},"method":"GET","uri":"/wechat/activities/?id=a4676e6e-acdd-4213-bb46-99fcb30327fd&group_id=3b592c75ee1974509679e28ec2b4fce4","url":"http://morefun.webtv.xxx.cn/wechat/activities/?id=a4676e6e-acdd-4213-bb46-99fcb30327fd&group_id=3b592c75ee1974509679e28ec2b4fce4","@timestamp":"2021-10-28T19:51:38+08:00","upstreamaddr":"127.0.0.1:9000","response":{"responsetime":"1.715","upstream_response_time":"1.714"},"size":"40924","status":"500","module_name":"default-app"}}
10. Open the jump URL directly in the browser, and the response is 500. The reason is that the code parameter is missing. As shown in Figure 10
将跳转网址在浏览器中直接打开,响应 500。原因在于缺少 code 参数。
Figure 10


Authorize Failed: 
{
  "errcode": 41008,
  "errmsg": "missing code, rid: 617a8ec9-02397612-437533f9"
}
11. Open the link in the browser, analyze the request parameters, and find that the value of redirect_uri has changed.


Request URL: https://open.weixin.qq.com/connect/oauth2/authorize?appid=wx9dbacb0dd5847fc4&redirect_uri=https%3A%2F%2Fmorefun.webtv.xxx.cn%2Fwechat%2Factivities%2F%3Fid%3Da4676e6e-acdd-4213-bb46-99fcb30327fd%26group_id%3D3b592c75ee1974509679e28ec2b4fce4&response_type=code&scope=snsapi_userinfo&state=47fc4bd999d70f7f8239b6264ec4be32&connect_redirect=1
Request Method: GET

appid: wx9dbacb0dd5847fc4
redirect_uri: https://morefun.webtv.xxx.cn/wechat/activities/?id=a4676e6e-acdd-4213-bb46-99fcb30327fd&group_id=3b592c75ee1974509679e28ec2b4fce4
response_type: code
scope: snsapi_userinfo
state: 47fc4bd999d70f7f8239b6264ec4be32
connect_redirect: 1
12. JS interface security domain name, add: morefun.webtv.xxx.cn. as shown in Figure 11
JS接口安全域名,添加:morefun.webtv.xxx.cn。
Figure 11
13. Prioritize the problem of certificates, and replace the HTTPS protocol of redirect_uri with the http protocol. Click the Continue Access button to jump to the address of REDIRECT_URI. Remarks: The protocol in the link cannot be directly replaced here, and you need to enter from a new authorization. as shown in Figure 12
优先解决证书的问题,将 redirect_uri 的 https 协议替换为 http 协议。点击 继续访问 按钮跳转至 redirect_uri 的地址。备注:此处不能够直接替换链接中的协议,需要从新授权进入。
Figure 12
14. Use WeChat to scan the QR code corresponding to the link. After scanning the code, it can also be opened successfully, no longer blank. 15. Summary: After authorization of the WeChat public account, click the Continue to access button. The reason is that there is a problem with the security certificate of the website. If the certificate problem cannot be solved, you can replace the https protocol with the http protocol.      

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More posts