京东搜索接口商品数据获取及h5st参数解析

13955925361 · 发表于 2026-4-21 19:01

本帖最后由 13955925361 于 2026-4-23 20:51 编辑

昨天试了下小红书的首页笔记，今天不出意外狗东首页搜索接口
数据也是可以获得了呢。主要卡点在于补环境的深度和指纹问题。
除了传统的document要补之外，大量的指纹信息被保存在了
localStorage里，一定要在浏览器中获取。来看看deepseek怎么说

来看看结果吧，如果想要搜索不同关键词，只需要修改第一张图标注的keyword即可

附上我的代码，只有两个文件。一个js和一个py,不过js里既包括了函数调用，又包括了补的环境。

js文件非常大：
直接给网站干崩溃了，各位直接在压缩包下吧，只能先单独列出Py文件。

[Python] 纯文本查看 复制代码

import json
import hashlib
import time
import hashlib
import json
from curl_cffi import requests
import time
import os
import execjs
import subprocess
from functools import partial
import re

subprocess.Popen = partial(subprocess.Popen, encoding="utf-8")
# 1. 定义参数对象 (将 JS 的 null/false/true 转换为 Python 的 None/False/True)
params = {
    "enc": "utf-8",
    "pvid": "8e9a18b33d3b418f9d0980a2072c2984",
    "area": "14_1114_19784_19809",
    "page": 1,
    "mode": None,
    "concise": False,
    "newAdvRepeat": False,
    "new_interval": True,
    "s": 1
}



# 2. 核心步骤：生成 body 的 SHA-256 哈希值
# JSON.stringify(params) 对应 json.dumps(params, separators=(',', ':'))
# separators=(',', ':') 确保生成的 JSON 是紧凑的，没有多余空格，与 JS 行为一致
json_str = json.dumps(params, separators=(',', ':'))

# cryptoJs.SHA256(...).toString() 对应 hashlib.sha256(...).hexdigest()
body_hash = hashlib.sha256(json_str.encode('utf-8')).hexdigest()

# 3. 构建签名参数对象
params_h5sign = {
    "appid": "search-pc-java",
    "functionId": "pc_search_adv_Search",
    "client": "pc",
    "clientVersion": "1.0.0",
    "t": int(time.time() * 1000),  # JS 的 new Date().getTime() 是毫秒级时间戳
    "body": body_hash
}

# 4. 输出结果
# print("生成的 JSON 字符串:", json_str)
# print("\nSHA-256 Hash (body):", body_hash)
# print("\n生成的签名参数对象:")
# print(params_h5sign)


import subprocess
import json

# ... (前面的代码保持不变) ...

cmd = ["node", "./h5st.js", json.dumps(params_h5sign)]
output_text= subprocess.check_output(cmd)
# print(output_text)
def extract_h5st_method2(text):
    # 匹配从 { 开始到 } 结束的完整对象
    pattern = r'{\s*appid:\s*[^}]+\bh5st:\s*\'([^\']+)\'[^}]*}'
    match = re.search(pattern, text, re.DOTALL)
    if match:
        return match.group(1)
    return None
h5st_value = extract_h5st_method2(output_text)
print(f"提取到的 h5st 值: {h5st_value}")
print(f"h5st 长度: {len(h5st_value)}" if h5st_value else "未找到 h5st")



headers = {
    "accept": "application/json, text/plain, */*",
    "accept-language": "zh-CN,zh;q=0.9,en;q=0.8,en-GB;q=0.7,en-US;q=0.6",
    "cache-control": "no-cache",
    "origin": "https://search.jd.com",
    "pragma": "no-cache",
    "priority": "u=1, i",
    "referer": "https://search.jd.com/Search?keyword=%E6%89%8B%E6%9C%BA&enc=utf-8&pvid=02f2c2e78a974dff8dee0b8e10c8f897&themeColor=&from=home&spmTag=YTAyMTkuYjAwMjM1Ni5jMDAwMDcxNjEuMSU0MDE3NzY5NDgzODIwODYlMjMxNzY1MzYyODE2ODE3MTE1ODE1MjQ1OSUyMzk5MjY5OTQyNw",
    "sec-ch-ua": "\"Microsoft Edge\";v=\"147\", \"Not.A/Brand\";v=\"8\", \"Chromium\";v=\"147\"",
    "sec-ch-ua-mobile": "?0",
    "sec-ch-ua-platform": "\"Windows\"",
    "sec-fetch-dest": "empty",
    "sec-fetch-mode": "cors",
    "sec-fetch-site": "same-site",
    "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/147.0.0.0",
    "x-referer-page": "https://search.jd.com/Search",
    "x-rp-client": "h5_1.0.0"
}
cookies = {
    "shshshfpa": "e80d2f89-6292-f19a-e0c8-671692edb298-1742822842",
    "shshshfpx": "e80d2f89-6292-f19a-e0c8-671692edb298-1742822842",
    "jcap_dvzw_fp": "PLhLqG2LrDtMiUuyD4QWFhQLXG6Cd3Z23cCa89BkFTIMdKyQPSGeo6oQ6jD8CuzUENnSXuq8cco2LjwFcUpsXg==",
    "__jdu": "17653628168171158152459",
    "areaId": "14",
    "PCSYCityID": "CN_340000_340700_0",
    "ipLoc-djd": "14-1114-19784-19809",
    "mt_xid": "V2_52007VwMUVVlaVVkWSR5VBWEDElZUWFZZGk0RbAxnVkZQXFhUXkweTgxXMwciUVxbVUYeTAVfB3YAE1lYXVlbHXkbbAdXMxVaWl9T",
    "unpl": "V2_ZzNsbUtXFkF3CUZSf0oLUjdRRlleFi0SfQ9BVUsaXQZgHxNYXlRBBHYJTVF%2BEl0HVwMiXkNVRRZ2C0JWfClda2ALFVpDZ3MVdzhHZHsfWwFlBBFUQlBKFXMIRlByGVgGYgcabUtXFkF3CUZSf0oLUjdRRllyUEQUfA%3D%3D",
    "__jdv": "232945309|cn.bing.com|t_2037222536_0_0|adrealizable|81de30175bfface5-p_0|1776948245414",
    "3AB9D23F7A4B3CSS": "jdd03MTKEBANDFYXLCEUFHEGQVZJBQPA54PN72JHLPIFDAUFA5IB3JJ2XJXIJEY5DTJZ7T6KYCFZUV4TRU7KGPSEP2CXWAMAAAAM5XJPIVCIAAAAAD4F5HQF4URJ3SUX",
    "TrackID": "1quMWsIRKCzAUwMTIeo8BOz1TgNT-B8SiVD69cSRFZEAG9TfD8awOUvDQcTd9znPD5C1_Z1R2gLU415grc98lO8JfuFVfl2zi_eUoEPn782EFOjr1U2cB1RORNML3kcdu",
    "thor": "E6F82FA843064E81389B64A7C320EA2C9AE0864145C47388FA445A73D95626E39E1B01C1D491EBB8C2EE498FC0D651E73A41682570C243E183FD2AE0D81F15DCBCFD15213C8362BB8F3B346E325540B112DD110DB0BDC79AB08C74339371F653876174DE5F201814BCFC39464970212B82DC1BE0E3BDA26AD168FD12A2E397E6930203D8CAAB6F217D021B15AB1A18B56CE406A0274710730721B8A6671EABC1",
    "light_key": "AASBKE7rOxgWQziEhC_QY6yapFJWBoGeDLB9XKooaF4YdW9SZ6_3sfM2fxDVtQWi5_n4qah3",
    "pinId": "zfVZGq5MRfLdW7Ei9jws7bV9-x-f3wj7",
    "pin": "jd_62c16b4dd6c96",
    "unick": "jd_8o49y50fjj9v5j",
    "ceshi3.com": "203",
    "_tp": "iwYrhdLGqrUBk513%2BvlGflzmS5nsLKEShZ4HmMW43i0%3D",
    "_pst": "jd_62c16b4dd6c96",
    "wlfstk_smdl": "kjpdpf2ox965f9p92d4t9071x6mh37bn",
    "mail_times": "4%2C1%2C1776948297662",
    "cn": "10",
    "umc_count": "1",
    "jsavif": "1",
    "flash": "3_o438Y2h9xBED9Lyzey5sEBMhhQRmdhS5eRQjJbiCes_sU7bPDrBEWPvKRwctTNunaPz9jvXAGVCJuT2vd5Vr4GiiHRGyOzdiFY9Nn9Ly8_eXHJ5O51z_JWSAbBZqngr4jpGWmhMGvASf0o1YDrRaYnsSSzzL77D-4mwGfymJSMfkU290mp8zFq**",
    "shshshfpb": "BApXWldhXufhA-4GZkNUfLlIBDmEpKwNCBgDDL21n9xJ1ItZfQtCEkUu9jn_-N9BwKuOOiyCAsqFbdL5k7PsP49kvNFvg_TRRLm-7",
    "3AB9D23F7A4B3C9B": "MTKEBANDFYXLCEUFHEGQVZJBQPA54PN72JHLPIFDAUFA5IB3JJ2XJXIJEY5DTJZ7T6KYCFZUV4TRU7KGPSEP2CXWAM",
    "sdtoken": "AAbEsBpEIOVjqTAKCQtvQu17ZD8xxF2RMpuJ1YThwWwfWZYs17Y2Y-n-44qcBRTvLhIW2J4dSq7lGDmpM1jZnOZ08LBcVGfF8NAzJEotyV_85WFwJmD7qwDhIJ6P9RCvwFYPw3JwxZxsUxgWJiwCBbOZiRbR2TWFMNYjKXC4",
    "__jda": "143920055.17653628168171158152459.1765362817.1776831650.1776948245.27",
    "__jdc": "143920055",
    "__jdb": "143920055.16.17653628168171158152459|27.1776948245"
}
url = "https://api.m.jd.com/api"
params = {
    "appid": "search-pc-java",
    "t": [
        params_h5sign['t'],
        str(int(time.time() * 1000))
    ],
    "client": "pc",
    "clientVersion": "1.0.0",
    "cthr": "1",
    "uuid": "17653628168171158152459",
    "loginType": "3",
    "keyword": "手机",
    "functionId": "pc_search_searchWare",
    "body": "\\{\"enc\":\"utf-8\",\"pvid\":\"8e9a18b33d3b418f9d0980a2072c2984\",\"area\":\"14_1114_19784_19809\",\"page\":1,\"mode\":null,\"concise\":false,\"newAdvRepeat\":false,\"new_interval\":true,\"s\":1\\}",
    "x-api-eid-token": "jdd03MTKEBANDFYXLCEUFHEGQVZJBQPA54PN72JHLPIFDAUFA5IB3JJ2XJXIJEY5DTJZ7T6KYCFZUV4TRU7KGPSEP2CXWAMAAAAM5LDRD2JYAAAAADIX3P4SERHS7D4X",
    "h5st": h5st_value}
response = requests.get(url, headers=headers, cookies=cookies, params=params)

print(response.text)
print(response)

CDHLG · 发表于 2026-5-7 17:42

现在jd抢购科技还是满天飞吗？软件？还是油猴插件，我买了个拍立得，但是相纸还要抢，我吐了，虽然溢价不多，但是消耗品不想每次都多花钱去黄牛哪里买。有大佬能指指路吗~不胜感激。

13955925361 · 发表于 2026-4-23 20:27

本帖最后由 13955925361 于 2026-4-23 20:52 编辑

dfssa1234 发表于 2026-4-23 17:18
为啥换了我的TOKEN，CK，跑出来还是403.。。

。。。我也403了，呜呜，我重新更新了代码，可以用了。
不过请求次数过多会触发京东的验证码，我还没有搞定。

13955925361 · 发表于 2026-4-21 19:27

为啥我写了那么多，显示是空的

lichi · 发表于 2026-4-21 21:07

13955925361 发表于 2026-4-21 19:27
为啥我写了那么多，显示是空的

我可以看到你的内容

ShriyGo · 发表于 2026-4-22 16:13

这接口我记得要账号ck的

a534675219 · 发表于 2026-4-23 09:13

谢谢楼主无私的分享

Mecha · 发表于 2026-4-23 14:05

感谢分享，我记得当时我弄的时候弄了半天只弄了一个时灵时不灵的h5st

Dc3 · 发表于 2026-4-23 14:43

谢谢楼主无私的分享

夜饮 · 发表于 2026-4-23 16:10

风控太强了，逆向出来作用也不大

dfssa1234 · 发表于 2026-4-23 17:18

为啥换了我的TOKEN，CK，跑出来还是403.。。

帐号		自动登录	找回密码
密码			注册[Register]

[Web逆向] 京东搜索接口商品数据获取及h5st参数解析

免费评分