stackoom
  简体   繁体   中英

Referrer URL from facebook form POST

 原文  2011-02-05 19:54:39       php/ facebook/ forms/ post

Question

I'm posting a form from a Facebook application to a form processor on my web server and then redirecting to a thank you page.

I want to ensure nothing else can post to this form so was looking to restrict it to only receive input from the Facebook app. The problem I'm coming up against is when I try to find the $_SERVER['HTTP_REFERER'] it isn't passed from Facebook. The value isn't even null, it's not even shown.

Is there anything else I could possibly use to lock down this form processor?

Cheers

Tom

1 answers

solution1
 1 ACCPTED  2011-02-05 20:21:00

Not through the referer, nor through anything FB will send you, since FB doesn't send anything except if a user has installed your app.

What you can do is use an antiforgery token, since you're serving the initial form itself. I think this example is pretty decent: http://shiflett.org/articles/cross-site-request-forgeries

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Extract keywords from referrer URL How to get the referrer url of post request in php? facebook post images from php url Post an image to facebook album from a url How to post to a facebook page from an html form Referrer URL in case if the link was clicked from email Only accept visits from a defined referrer URL? extracting facebook token from url and processing in form How to make sure POST data is sent from my website's form, aside from HTTP_REFERRER and using a nonce? facebook form post to php
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM