XHR 劫持并修改post中某个数据内容的求助

ZYMKJ

1、已知网站引用的Ajax的js文件及post内容的函数。
2、已查看了XHR发送内容【postData": { "mimeType": "application/json;charset=UTF-8",
"text": "{\"historyId\":63641374,\"position\":240,\"len\":\"5400\",\"cid\":\"61\"}"】
3、如何在脚本中劫持XMLHttpRequest，并修改JS中某个参数，从而达到修改postData中position\":240,\"的数值。比如把240修改为2400或者直接等于len的值。
4、需要帮我把脚本代码写出来，或者推荐一个简单实用的抓包、能修改XHR中post信息并再次发送的软件。

下附Ajax请求JS文件：
(function (window, $) {
var timer1;
var timer2;
window.readAssist = function (id,source,postion,percent,len,root,timespace) {
var reloginpage = root + "/page/common-tokenerror";
var assist = new Object();
assist.hid = 0;
assist.url = root + "/resource/saveTssView";
assist.source = source;
assist.postion = postion;
assist.percent = percent;
assist.len = len;
assist.time = parseInt(new Date().getTime() / 1000);
if (timespace && !isNaN(timespace)) {
assist.timespace = timespace 1000;
} else {
assist.timespace = 60000;
}
var result = new Object();
result.cid = id;
result.source = assist.source;
result.ttion = assist.postion;
result.percent = assist.percent;
assist.first = function () {
if (assist.hid == 0) {
$.ajax({
url: assist.url,
data: JSON.stringify(result),
type: "post",
dataType: "json",
timeout: 20000,
contentType: "application/json;charset=utf-8",
error: function (message) {
window.wxc.xcConfirm(
"网络繁忙，请稍后刷新页面重试！",
"studyWarning"
);
},
success: function (data) {
if (data) {
if (data.status == 0) {
assist.hid = data.id;
if (assist.timespace != 0) {
timer1 = window.setInterval(function () {
assist.progressing();
}, assist.timespace);
timer2 = window.setTimeout(function () {
assist.progressing();
clearInterval(timer1);
}, parseInt(len) 1000);
}
} else if (data.status == 1) {
window.wxc.xcConfirm(
"获得初始进度失败，请刷新页面重试！",
"studyWarning"
);
}
}
}
});
}
};
assist.progressing = function () {
var now = parseInt(new Date().getTime() / 1000);
if (assist.postion == "") {
assist.postion = now - assist.time;
} else {
assist.postion = parseInt(assist.postion) + (now - assist.time);
}
assist.time = now;
var result = new Object();
result.historyId = assist.hid;
result.position = assist.postion;
result.len = assist.len;
result.cid = id;
$.ajax({
url: assist.url,
data: JSON.stringify(result),
type: "post",
dataType: "json",
timeout: 20000,
contentType: "application/json;charset=utf-8",
error: function (message) {
window.wxc.xcConfirm("网络繁忙，请稍后刷新页面重试！", "error");
},
success: function (data) {
if (data) {
if (data.status == 0) {
} else if (data.status == 1) {
window.wxc.xcConfirm(
"进度记录失败，请刷新页面重试！",
"studyWarning"
);
} else if (data.status == 2) {
window.clearTimeout(timer1);
window.clearTimeout(timer2);
window.wxc.xcConfirm(
"不能同时学习多门课程，点击确认关闭窗口。",
"readCourse",
{
onOk: function (v) {
window.close();
}
}
);
}
}
}
});
};
assist.history = function () {
if (assist.hid == 0) {
assist.first();
} else {
assist.progressing();
}
};
assist.history();
return assist;
};
})(window, $);

cxxjackie

https://bbs.tampermonkey.net.cn/thread-3284-1-1.html

1. // ==UserScript==
   
2. // @name         xhr劫持
   
3. // @description  ...
   
4. // @namespace    ...
   
5. // @author       ...
   
6. // @version      1.0
   
7. // @match        你要匹配的网站
   
8. // @require      https://scriptcat.org/lib/637/1.0.1/ajaxHooker.js
   
9. // @run-at       document-start
   
10. // ==/UserScript==
    
11. 
    
12. (function() {
    
13.     'use strict';
    
14.     ajaxHooker.hook(request => {
    
15.         if (request.url.includes('/resource/saveTssView') && request.method === 'POST') {
    
16.             request.data = val => {
    
17.                 const postData = JSON.parse(val);
    
18.                 postData.position = 2400;
    
19.                 return JSON.stringify(postData);
    
20.             };
    
21.         }
    
22.     });
    
23. })();

复制代码