[英]PHP - $_SERVER[“HTTP_REFERER”];
I am trying to build an application and I need to check the referrer URL which redirects to this page, the refered paged will not show... It works when it is a button but when the page otherwise redirects from another page, it remains blank. 我正在尝试构建一个应用程序,我需要检查重定向到此页面的引用URL,引用的页面将不会显示...当它是一个按钮时有效,但当页面从另一个页面重定向时,它仍然是空白。 How can I do this??
我怎样才能做到这一点??
It will/may be empty: 它/可能是空的:
- when the end-user entered the site URL in browser address bar itself.
当最终用户在浏览器地址栏中输入网站URL时。
- visited the site by a browser-maintained bookmark.
通过浏览器维护的书签访问该网站。
- visited the site as first page in the window/tab.
访问该网站作为窗口/选项卡中的第一页。
- switched from a https URL to a http URL.
从https URL切换到http URL。
- switched from a https URL to a different https URL.
从https URL切换到其他https URL。
- has security software installed (antivirus/firewall/etc) which strips the referrer from all requests.
安装了安全软件(防病毒/防火墙/等),从所有请求中删除引用者。
- is behind a proxy which strips the referrer from all requests.
在代理的后面,它从所有请求中删除引用者。
- visited the site programmatically (like, curl) without setting the referrer header (searchbots!) by @BalusC
以编程方式访问网站(如curl),而不设置@BalusC的referrer标题(searchbots!)
Also it means, you will not always have an referrer address. 也就是说,你不会总是有一个推荐人地址。 So you cannot trust the referrer address at all.
所以你根本不能相信推荐人的地址。
For example: 例如:
There is an small exploit that everyone can easily do it: 有一个小漏洞,每个人都可以轻松地做到:
Go to any website, and inject a form-code, send data from this site to another site, so the destiny site will receive data from the injected site and not from you.
转到任何网站,并注入表单代码,将数据从此站点发送到另一个站点,这样命运站点将从注入的站点接收数据,而不是从您那里接收数据。
Never trust referrer addresses. 永远不要相信推荐人地址。 Using a SESSION will most likely be the better route to prevent cross site form submissions.
使用SESSION很可能是阻止跨站点表单提交的更好途径。
I recommend to read: 我建议阅读:
You can set a cookie with value of the referrer url in the header that expires in 5 seconds then Fetch it in the new script and redirect back to the referrer 您可以在标题中设置一个带有引用URL的值的cookie,该值在5秒后到期,然后在新脚本中获取并重定向回到referrer
Like this: 像这样:
$current_url= base64_encode($url); //$url should point to the current url
setcookie("referrer",$current_url,time()+5);
Now you can get the stored url in your next script using: 现在,您可以使用以下命令在下一个脚本中获取存储的URL:
$referrer= base64_decode($_COOKIE['referrer']);
And also redirect using: 并使用以下方式重定向:
header('Location: '.$referrer);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.