First, what is wechat shielding

Simply put, the page we want the user to see is not being presented to the user.

Provide the test address for use, we open it on wechat, and the effect is as follows:

Test address 1: masked, prompting multiple times // 9.imilive.cn/share.html



Test address 2: normal / / developers.weixin.qq.com/miniprogram…



Test address 3: blocked and inaccessible // www.zidanduanxin.com/




Second, the simplest way to check

We send the address we want to detect as a message, we manually click on the domain address, enter and see the above effect.


Third, web wechat gives us the opportunity to take advantage of

The technical method we thought of at the beginning is script processing. Root has an Android phone, we log in a wechat mobile phone, use technical means to obtain the domain name to be verified stored in the database, and send it to ourselves as a message. The script clicks into, the script identifies the result, and updates the status of the corresponding domain name in the database.

Based on this reasoning, we came up with another way, which is the tripartite implementation of wechat robot (NodeJS, Python, Go, Java, PHP), so that we can implement purely on the server side.

We then explored and realized the robot library, and found that the login was based on wechat on the Web, and the subsequent customized operations were realized after the login. In robot test, we first realize the receiving and sending messages, and then identify the domain name messages, and begin to detect the processing.

After web wechat login, the login information will be stored in the browser in the form of cookies, and the verification of domain name messages must be processed on the premise of login, otherwise it cannot be executed correctly.

At this stage, in order to achieve a simpler implementation, I think of the implementation of the browser without interface. When I log in to the web wechat in the browser without interface, the browser without interface will automatically save cookies and then conduct subsequent processing.


No interface browser

Found a multi-platform, multi-language browser with no interface.

Phantomjs (websitephantomjs.org/) (downloadPhantomjs.org/download.ht…)

As we can see, people using a non-interface browser will basically do the following:

1. The screenshots

2. The crawler

3. Automate testing



5. Install PhantomJS (Windows)

We download the corresponding platform package,

Under Window, we configure the environment variables to ensure that the PhantomJS directive is supported globally

We verify whether the installation is successful by executing at any location:

phantomjs -
v

The installation result is as follows:





Six, the implementation of the principle of flow




Seven, based on JS code implementation

1. Directory Structure:



2. Demo. Js code writing:

var
webpage = require(
'webpage'
);
var
system = require(
'system'
);
var
args = system.args;
var
page = webpage.create();
// Whether to log in
var
is_logon =
false
;
// Open the url
page.open(
'wx.qq.com/'
.
function
(status){

/ / loading is ok

if
(status ! =
"success"
) {

console.log(
'FAIL to load the address'
);

phantom.exit();

};

/ / delay

window.setTimeout(
function
() {

// Generate screenshots locally

page.render(
"logincode.png"
);

console.log(
'Generate qr code'
);

// Verify login

check_login()

// phantom.exit();

}, 1000);
});
// Verify login
function
check_login(){
// omit some code…
};
// Check the page
function
check_url(url){

var
h_url =
'// omit some code... ? requrl='
+url;
// omit some code…



if
(r.length> 0) {

console.log(r[0].substr(5));

}
else
{

console.log(
'The website address is normally accessed in wechat'
);

};

phantom.exit();

});
};

3. Run the following command:

phantomjs demo.js

4. Open the generated logincode.png file:

Swipe your phone to log in

5. Check test results:




Viii. Problems and improvements

We don’t save the login status each time we execute, we check for an address and then we execute exit,

For the existing test demo, we need to modify the domain name of the test, repeatedly log in, scan the code, and obtain the result.