Appengine欺骗用户代理字符串
[英]Appengine spoof User-Agent string
问题描述
I have an internal webservice that allows calls only from particular AppEngine application. 
我有一个内部网络服务,仅允许来自特定AppEngine应用程序的调用。 I'm extracting AppId from User-Agent string however it looks like when I add it multiple times only one will be fixed by Google. 我正在从User-Agent字符串中提取AppId,但是当我多次添加它时,Google只会修复其中一个。
Is there a better way to recognize Appengine application? 有没有更好的方法来识别Appengine应用程序?
My WS is hosted in my network, not at Google. 我的WS托管在我的网络中,而不是Google托管。
1 个解决方案
解决方案1
0 2014-01-13 16:09:46
As per the App Engine documentation, an application can modify the User-Agent string but App Engine will append the Identifier String to the requests. 根据App Engine文档,应用程序可以修改User-Agent字符串,但App Engine会将标识符字符串附加到请求中。
For eg "AppEngine-Google; (+http://code.google.com/appengine; appid: APPID)" 例如: "AppEngine-Google; (+http://code.google.com/appengine; appid: APPID)"
What do you mean by multiple User-Agent strings? 多个用户代理字符串是什么意思? Shouldn't it be just one, which is what AppEngine also appends to, even if you modify it ? 即使您对其进行了修改,它也不应该仅仅是AppEngine的附加内容吗?
There are other Request Headers that the App cannot modify for security purposes, for eg refer to https://developers.google.com/appengine/docs/java/urlfetch/#Java_Request_headers but I am not sure if they are useful in your case. 该应用程序出于安全目的还无法修改其他请求标头,例如,请参阅https://developers.google.com/appengine/docs/java/urlfetch/#Java_Request_headers,但我不确定它们是否对您有用。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.