C#-Https-Aufrufe mit HttpClient funktionieren zwar unter Windows 7, aber nicht unter Windows 10

Anonymous · Post by **Anonymous** » 19 Nov 2025, 07:26

In Windows 7 32-Bit und .NET 4.6.1 funktioniert dieser Code einwandfrei und der Remote-Server gibt Daten zurück:

using (HttpClient client = new HttpClient())
{
client.Timeout = TimeSpan.FromSeconds(3);
client.DefaultRequestHeaders.UserAgent.ParseAdd("Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36");
client.DefaultRequestHeaders.Accept.ParseAdd("*/*");
client.DefaultRequestHeaders.AcceptLanguage.ParseAdd("en-US,en;q=0.9");

using (HttpRequestMessage request = new HttpRequestMessage(HttpMethod.Post, new Uri("https://gql.tokopedia.com/graphql/ShopProducts")))
{
string json = @"[{""operationName"":""ShopProducts"",""variables"":{""source"":""shop"",""sid"":""1577650"",""page"":1,""perPage"":80,""etalaseId"":""etalase"",""sort"":1,""user_districtId"":""2274"",""user_cityId"":""176"",""user_lat"":""0"",""user_long"":""0"",""usecase"":""ace_get_shop_product_v2""},""query"":""query ShopProducts($sid:String!,$source:String,$page:Int,$perPage:Int,$keyword:String,$etalaseId:String,$sort:Int,$user_districtId:String,$user_cityId:String,$user_lat:String,$user_long:String,$usecase:String){\nGetShopProduct(shopID:$sid,source:$source,filter:{page:$page,perPage:$perPage,fkeyword:$keyword,fmenu:$etalaseId,sort:$sort,user_districtId:$user_districtId,user_cityId:$user_cityId,user_lat:$user_lat,user_long:$user_long,usecase:$usecase}){\nstatus\nerrors\nlinks{\nprev\nnext\n__typename\n}\ndata{\nname\nproduct_url\nproduct_id\nprice{\ntext_idr\n__typename\n}\nprimary_image{\noriginal\nthumbnail\nresize300\n__typename\n}\nflags{\nisSold\nisPreorder\nisWholesale\nisWishlist\n__typename\n}\ncampaign{\ndiscounted_percentage\noriginal_price_fmt\nstart_date\nend_date\n__typename\n}\nlabel{\ncolor_hex\ncontent\n__typename\n}\nlabel_groups{\nposition\ntitle\ntype\nurl\nstyles{\nkey\nvalue\n__typename\n}\n__typename\n}\nbadge{\ntitle\nimage_url\n__typename\n}\nstats{\nreviewCount\nrating\naverageRating\n__typename\n}\ncategory{\nid\n__typename\n}\n__typename\n}\n__typename\n}\n}\n""}]";
request.Content = new StringContent(json, Encoding.UTF8, "application/json");
using (HttpResponseMessage response = client.SendAsync(request).Result)
{
using (StreamWriter sw = new StreamWriter("response.txt"))
{
sw.Write(response.ToString());
}
}
}
}

Hier ist die Antwort vom Server:

Code: Select all

StatusCode: 200, ReasonPhrase: 'OK', Version: 1.1, Content: System.Net.Http.StreamContent, Headers:
{
Gql-Request-Processing-Time: 177.57
Access-Control-Expose-Headers: queryhash
X-Tt-Logid: 20251031112027C8DB2F102AACE904330D
Access-Control-Allow-Headers: Content-type, Fingerprint-Data, Fingerprint-Hash, x-user-id, Webview-App-Version, Redirect, Access-Control-Allow-Origin, Content-MD5, Tkpd-UserId, X-Tkpd-UserId, Tkpd-SessionId, X-Device, X-Source, X-Method, X-Date, Authorization, Accounts-Authorization, flight-thirdparty, x-origin, Cshld-SessionID, X-Mitra-Device, x-tkpd-akamai, x-tkpd-lite-service, x-ga-id, x-device, Akamai-Bot, x-tkpd-app-name, x-tkpd-clc, x-return-hmac-md5, queryhash, Event, X-Element-ID, sid_intools, sonic_access_token, Referer, x-tkpd-ht, x-tkpd-htt, X-Auth-Signature, X-Auth-Timestamp, X-Auth-Hash, X-NewRelic-Id, newrelic, tracestate, traceparent
X-Tkpd-Srv-Go: go-graphql
X-Tkpd-Gql-Dc:
Gql-Proxy-Response: true
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server-Timing: inner;  dur=188
x-tt-trace-host: 019c9ec0b175bfe92f727d5b0d0f788962eb0d0a62c007f8137ef13cdb4d71087c5aaeb61bc46e2956235937642a4540ff9bc7428e5d94c60b7f5fdaea6c8b8cce3d871367cceb4da461f05aab6ca65622cfda9448712af21794e148ced2e788aadfa5b942b920d4a5ed8e769741b7f9767ec97a500027e9ea69b16fe1ee725ed3
x-tt-trace-tag: id=00;cdn-cache=miss
x-tt-trace-id: 00-251031112027C8DB2F102AACE904330D-0DCCA2303FE84B1E-00
Transfer-Encoding: chunked
Connection: keep-alive
Connection: Transfer-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.tokopedia.com
Date: Fri, 31 Oct 2025 03:20:27 GMT
Set-Cookie: _abck=7D2A34952C0D7778A8EE3411CE06525B~-1~YAAQBunOF+lW+iaaAQAAAOhHOA4dow7LH48+ZBuVUkEspUafPCjqapYCNBeaBX8mWbNJYoKwDOyU3L3L5UsBzK2OUU+95GAsE07eCw0mMwb/Vxc1Sq5JcaK4L/EAi/K4RjoeIGCGqoKTOPO9hPQdIYNXO3+zlbsHM4Ot5zdwmR21bOtU9OvloBPHyp0XtbBuzNGR9xnQ2r3XfBL1Zf66zHeiY9CX23tBtze6A0eaTlpXzP1RZZyb7O1WLMOri+jzMtk97dGOiUWe0PZqAQ0xD6hHV+LqAGKk3e822ZVHGWW9RHuL0Diyiynx6NZFZy7XmKsKLipYeQEsVs3HM714rSspULv+2FpXVkLoY0uxndmucV7zyX6L03U0HJVQk6vNIDomvCb4nH8GXkXBVD+OxetDuNoQutgNu8TUWUk8VQjTzsRlYBt8nkoq9HwOF6qDnBCHmunQ3sSzfyA=~-1~-1~-1~-1~-1; Domain=.tokopedia.com; Path=/; Expires=Sat, 31 Oct 2026 03:20:27 GMT; Max-Age=31536000; Secure
Set-Cookie: bm_sz=37F23D132FEC22B4CCFA0A2FD7FE05AB~YAAQBunOF+pW+iaaAQAAAOhHOB1cn9Y/blq8X8cinzuIj2rbg7C12rGAetyxVVxvqTurREpeDm2wmQxvoz4hdULKDKutPoE28G6s1CeI6gRF8vZb/NK60cLu4alaUr9Mq/Up2zwmkJ08OoaKltMy/wpK54r0l4qEyElv+rMsSPsr7lAxJfSI/btzng1LKHmz9qdhaS67fKe599gF8asOgobTi1+/IOjVQueT1Qo4lGN79SQfJMk0GvVh4wc+5Mlq9nBxtXve79Ea5sCEoJuWFJVRZ7GspKN0oyX+zbARkPusqsq8ZA7WXY3PeMVUAF0kMsEdHw0kWlxvB9cks8p0VP72Fre4k4sOd/k7XnYj90ckEBQCMtHdCyGZWQ==~3753520~3290417; Domain=.tokopedia.com; Path=/; Expires=Fri, 31 Oct 2025 07:20:27 GMT; Max-Age=14400
Server: TLB
Content-Type: application/json
}

Aber der Code funktioniert nicht unter Windows 10 64-Bit, ich erhalte einen Timeout-Fehler in der HttpResponseMessage.
Was ich getan habe:

Auf .NET 9.0 unter Windows 10 geändert – ich erhalte den gleichen Fehler
Portiert auf die Rust-Sprache unter Windows 10 – I erhalte den gleichen Fehler

Ist das ein CORS-Problem und Windows 7-Schwachstellen/Sicherheitsprobleme?

C#-Https-Aufrufe mit HttpClient funktionieren zwar unter Windows 7, aber nicht unter Windows 10

C#-Https-Aufrufe mit HttpClient funktionieren zwar unter Windows 7, aber nicht unter Windows 10 ⇐ C#

Quick Reply