堆栈内存溢出
  简体   繁体   English

Express.js:发布时获取用户的referer url

[英]Express.js: Get user's referer url when they post

 原文  2016-05-14 13:08:28       javascript/ ajax/ node.js/ post/ express

问题描述

So I want to create a commenting system for my website, and in order to know the page of the comment (for example, a specific video a user has uploaded), I somehow need to get the url of the page the user is currently on, when they comment (so that I know how to save it in the database). 所以我想为我的网站创建一个评论系统,并且为了知道评论的页面(例如,用户已经上传的特定视频),我不知何故需要获取用户当前所在页面的网址,当他们发表评论时(以便我知道如何将其保存在数据库中)。

The route is like this: app.get('/video/:videoId', function(req, res){...}) so a video url would be something like: /video/98ux8987s987f9xc89v3wjgrkgh32 . 路线是这样的: app.get('/video/:videoId', function(req, res){...})所以视频网址类似于: /video/98ux8987s987f9xc89v3wjgrkgh32

I need to get the last part of the url, when the user POSTs the comment. 当用户POST评论时,我需要获取url的最后一部分。 I don't want to send the url along with the comment (in the ajax POST function), because they can change it! 我不想发送url和评论 (在ajax POST函数中),因为他们可以改变它!

And by the way I don't need the url post url (if I have something like req.url in the post function, I'll just get the post url: app.post('/comment', function(req, res){console.log(req.url)} if I do this I'll get /comment ). 顺便说一下,我不需要url post url(如果我在post函数中有req.url之类的东西,我会得到post url: app.post('/comment', function(req, res){console.log(req.url)}如果我这样做,我会得到/comment )。

Is there a way to do it ? 有办法吗?

Thank you very much. 非常感谢你。

2 个解决方案

解决方案1
 0  2016-05-14 13:22:03

I'm not sure if I get you, but is this what you mean? 我不确定我是否得到你,但这是你的意思吗? 

app.post('/comment/:videoId', function(req, res) {
    console.log(req.params.videoId)
}

The videoId parameter is in req.params.videoId. videoId参数位于req.params.videoId中。

解决方案2
 0 已采纳  2016-05-14 13:54:31

You can add hash with url, but it's not unstoppable . 您可以使用网址添加哈希值,但这并不是不可阻挡的 In the videoKey you can add the date or user id. videoKey中,您可以添加日期或用户ID。 

var secretkey = "4658{=#mkZl"; // The user doesn't know this string, and he can't make videoKey.

app.get('/video/:videoId', function(req, res){    
    res.render('video', {
        videoId: req.params.videoId,
        videoKey: sha256(secretkey + req.params.videoId + secretkey);
    });
};

In your html form : 在您的HTML表单中: 

<form action="/comment">
    <input type="hidden" name="videoId" value="{videoId}" />
    <input type="hidden" name="videoKey" value="{videoKey}" />
</form>

comment function : 评论功能: 

var secretkey = "4658{=#mkZl";

app.post('/comment', function(req, res){
    if (req.body.videoKey == sha256(secretkey + req.body.videoId + secretkey))
        //ok the user got video page, before he comments.
};

sha256 function : sha256功能 

var crypto = require('crypto');

function sha256(data) {
    return crypto.createHash("sha256").update(data).digest("base64");
}

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Express.js - 获取实际发布请求的正文 JSON - Express.js - get the actual post request's body JSON 使用 express.js 向同一个 url 发送多个发布请求 - Sending multiple post requests to same url using express.js Express.js发布时出错 - Error on post Express.js express.js中的URL解析 - url parsing in express.js 如何使用 express.js 服务器从 post 表单中获取数据 - How to get data from post form with express.js server 我可以在 express.js 中从“GET”重定向到“POST”查询吗? - Can I redirect from 'GET' to 'POST' query in express.js? 在 express.js 中间件请求中获取“#”后的 url - get url after “#” in express.js middleware request 使用express.js获取URL的查询字符串 - use express.js to get the query string of a url 无法将用户存储在Express.js会话中 - Can't get user stored in Express.js session 获取文件Express.js - GET file Express.js
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM