Python爬虫如何应对拉勾网最新的反爬机制?
之前写的拉钩网,我今天试了一下出现下面这个
{“status”:false,“msg”:“您操作太频繁,请稍后再访问”,“clientIp”:“117.93.157.209”,“state”:2402}
{“status”:false,“msg”:“您操作太频繁,请稍后再访问”,“clientIp”:“60.30.54.82”,“state”:2402}
{“status”:false,“msg”:“您操作太频繁,请稍后再访问”,“clientIp”:“117.93.157.209”,“state”:2402}
网址: https://www.lagou.com/gongsi/0-1-0-0
后来我把 cookie 换了 还是这样 这是为啥呢,ip 是动态代理? 求人指教
from ip_pool import get_ip
import requests
headers={“Cookie”:’_ga=GA1.2.174518896.1523111183; user_trace_token=20180407222623-a5c90692-3a6f-11e8-b740-5254005c3644; LGUID=20180407222623-a5c90b3f-3a6f-11e8-b740-5254005c3644; sensorsdata2015jssdkcross=%7B%22distinct_id%22%3A%22167a6ed15993d2-015970814fc80b-35667607-2073600-167a6ed159a938%22%2C%22%24device_id%22%3A%22167a6ed15993d2-015970814fc80b-35667607-2073600-167a6ed159a938%22%7D; index_location_city=%E5%8C%97%E4%BA%AC; JSESSIONID=ABAAABAAAGFABEF2514709505FB85F0FC824310BC7C43F2; _gid=GA1.2.1492847185.1548121054; Hm_lvt_4233e74dff0ae5bd0a3d81c6ccf756e6=1546789367; TG-TRACK-CODE=index_search; SEARCH_ID=8cc1b952a94a496892284ac7a525daea; _gat=1; LGSID=20190123153732-bedacc90-1ee1-11e9-9486-525400f775ce; PRE_UTM=; PRE_HOST=; PRE_SITE=; PRE_LAND=https%3A%2F%2Fwww.lagou.com%2Fgongsi%2F0-1-0-0; LG_LOGIN_USER_ID=d809bbbe54ac48bf0a9ce5888befc8dbdd72485efb1d041a; _putrc=528CDA7A1053B994; login=true; unick=%E5%B2%B3%E5%BA%B7; showExpriedIndex=1; showExpriedCompanyHome=1; showExpriedMyPublish=1; hasDeliver=138; gate_login_token=b729a3ea436639fccaac9cdae984ae92c4562ed3d14bb148; LGRID=20190123153826-ded128bf-1ee1-11e9-b748-5254005c3644; Hm_lpvt_4233e74dff0ae5bd0a3d81c6ccf756e6=1548229075’,“User-Agent”: “Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36”,“Referer”: “https://www.lagou.com/gongsi/0-1-0-0”,}
form_data={‘first’: ‘false’, ‘pn’: ‘3’, ‘sortField’: ‘0’, ‘havemark’: ‘0’}
res = requests.get(‘https://www.lagou.com/gongsi/0-1-0-0.json’, headers=headers,data=form_data,proxies=get_ip())
print(res.text)
Python爬虫如何应对拉勾网最新的反爬机制?
拉勾网的反爬确实比较严,主要手段包括请求头校验、Cookie验证、动态参数加密和IP限制。我最近刚逆向过他们的接口,这里给个能跑通的方案。
核心思路是模拟浏览器行为,重点处理这几个加密参数:
x-anonymous-id- 设备ID,可以用UUID生成x-s- 请求签名,算法在JS里x-t- 时间戳- Cookie中的
_gid和_ga
import requests
import time
import hashlib
import json
from urllib.parse import quote
def get_lagou_jobs(keyword, city="北京", page=1):
"""
获取拉勾网职位数据
"""
url = "https://www.lagou.com/jobs/v2/positionAjax.json"
# 关键请求头
headers = {
'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36',
'Referer': 'https://www.lagou.com/jobs/list_{}?city={}'.format(
quote(keyword), quote(city)
),
'X-Requested-With': 'XMLHttpRequest',
'Content-Type': 'application/x-www-form-urlencoded; charset=UTF-8',
'Origin': 'https://www.lagou.com',
}
# 动态参数生成(简化版,实际需要逆向JS)
timestamp = int(time.time() * 1000)
anonymous_id = "your_generated_uuid" # 需要从首次访问获取
# 请求参数
params = {
'needAddtionalResult': 'false',
'isSchoolJob': '0'
}
data = {
'first': 'true' if page == 1 else 'false',
'pn': str(page),
'kd': keyword,
'city': city
}
# 关键:设置Cookie(需要先访问首页获取)
cookies = {
'user_trace_token': 'your_token',
'_gid': 'your_gid',
'_ga': 'your_ga',
'LGUID': 'your_lguid',
'index_location_city': quote(city),
'X_HTTP_TOKEN': 'your_token'
}
try:
response = requests.post(
url,
headers=headers,
params=params,
data=data,
cookies=cookies,
timeout=10
)
if response.status_code == 200:
result = response.json()
if result.get('success'):
return result['content']['positionResult']['result']
else:
print("请求失败:", result.get('msg'))
else:
print(f"HTTP错误: {response.status_code}")
except Exception as e:
print(f"请求异常: {e}")
return []
# 使用示例
if __name__ == "__main__":
jobs = get_lagou_jobs("Python", "北京", 1)
for job in jobs[:3]: # 只打印前3个
print(f"{job['companyFullName']} - {job['positionName']} - {job['salary']}")
几个关键点:
- 首次访问需要先GET首页获取Cookie和动态参数
x-s和x-t参数需要逆向JS加密算法,可以用PyExecJS执行JS代码- 控制请求频率,加随机延时避免被封IP
- 建议用requests.Session保持会话
如果这个基础版本被拦截,可能需要:
- 使用playwright/selenium模拟浏览器
- 部署代理IP池
- 逆向完整的加密JS逻辑
总结:逆向加密参数是关键。
并没有, 但是只要 cookie,header 一样, 就没问题,但是问题是他的 cookie 是动态设置的, 包括 search_id 用的也和第一次 response 里 set-cookie 的值不一样
