Simple book views: use methods and use of simple book views
Preface:
Now, a simplified book is a programmer who edits and publishes an article. However, after reading the previous published work, the reading volume is basically a single digit, which is different from that of many simplified books, the outstanding individuals who write chicken soup or simplified book certification are really not as shy as they are. They have spent a very long time, but also the texture, and the plain and easy-to-understand patience of the vernacular, five topics can be cast in total, and then they can also be cast. In the end, there will be only three views, which is still chilling, why are there so many chicken soup works in a book that can be read in less than ten minutes? Of course, there may be a lot of attention, isn't it? Then I went to Baidu. Of course, you can go over the wall. If you have the advantage of this condition.
Method
There is a vulnerability in the reading volume of articles in the short book, which can be used for unlimited clicks. This vulnerability is quite interesting. If you are logged on, the same article will only be read once no matter how many times you browse, but if you are not logged on, you can open or refresh the read volume once. Of course, this operation cannot be performed in the app. You can share the link to the mobile browser or on the pc side. Remember that the operation is not logged on.
Method Utilization
1. Simply refresh and reload in the browser or mobile browser without logging on to the account,
2. Of course, method 1 is a mechanical form of page views. We can also write a crawler script to refresh the page views. In the future, there may be a set
In-depth analysis
After analysis, the reading verification rules of the simplified book are relatively simple. A separate page request is used to mark the reading volume. The url contains the id of the article to be marked, and the request body contains the referer, after receiving the request, the backend will check whether the article id in the referer is consistent with the id in the url. If the request is consistent, the system considers that the read volume is more than 1. If the request is inconsistent, the system returns success without adding 1, if the user is logged on, the system checks whether the record has been recorded (read). If it is the first time to read the log, It is + 1 (the logic author himself does not read more recently ).
Not recommended
In fact, the number of clicks has no practical significance. After all, it is not a real user traffic. I just want to optimize this vulnerability, such as limiting ip addresses or cookies to avoid unlimited clicks. However, it may also be a simplified book.