Getting Browser URL in Node.js
Question
I was looking to get the browser url from a user who has included my external js file in their website. They include the js file, which makes an ajax call using jquery to my node server. I know I could pass the url to my server by getting it with javascript and sending it with the ajax call, but I assume this would be a security risk since it's easy to fake the url. I have the same security issue by looking at the header. Does anyone know how to get the url sercurely to the server? I'm using node.js and express for my server.
1 answers
solution1
0 ACCPTED 2015-07-13 18:26:11
If you trust the person controlling the client then you can use the referer header, but note that it is sometimes suppressed by the browser to protect the user's privacy.
If you control the server hosting the HTML then you can have that server generate a psuedo-random token, send it to the server hosting the JS with the URL for the HTML, then embed that token in query string for the <script> element that it embeds in the HTML before delivering that HTML to the client.
Otherwise, there is no entity that you trust to tell you the truth about the URL and you are stuck.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.