[英]Check user request my site is using URL visit or script src | link href request
现在,我正在制作自己的东西,就像Rawgit一样,以防万一Rawgit崩溃了
这是我的PHP代码
<?php
$urlquery = $_SERVER['QUERY_STRING'];
$fullurl = 'http://' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
$code = file_get_contents($urlquery);
echo $code;
?>
这段代码是某种脚本src的工作发现。 样式链接请求
但是当我尝试这样的时候
<?php
$urlquery = $_SERVER['QUERY_STRING'];
$fullurl = 'http://' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
$code = file_get_contents($urlquery);
echo '<code style="word-wrap: break-word; white-space: pre-wrap;">'.$code.'</code>'
?>
从URL请求看起来不错,但在脚本src中却无法使用 样式链接请求不再
我想这是一种检查用户使用URL或某种请求的方法,如下所示
<?php
$urlquery = $_SERVER['QUERY_STRING'];
$fullurl = 'http://' . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
$code = file_get_contents($urlquery);
echo $code;
if ( user is form URL visiting my site ) {
echo '<code style="word-wrap: break-word; white-space: pre-wrap;">'.$code.'</code>'
}else {
//User is scripting
echo $code
}
?>
您可以使用$ _SERVER ['HTTP_ACCEPT']来检查请求是否来自脚本SRC
如果直接或不通过src Header将看起来像:
Host: localhost
Connection: keep-alive
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.24 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
DNT: 1
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
Cookie: __utma=111872281.760768228.1462861525.1462861525.1462882676.2; __utmz=111872281.1462861525.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
如果从src将看起来像:
Host: localhost
Connection: keep-alive
Cache-Control: max-age=0
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.24 Safari/537.36
Accept: */*
DNT: 1
Referer: http://localhost/b/jwplayer/test.txt.html
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8
Cookie: __utma=111872281.760768228.1462861525.1462861525.1462882676.2; __utmz=111872281.1462861525.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
在Firefox和Chrome上进行了测试。
不同之处在于标头接受:
直接将“ Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
“
从src将“ */*
”
来自css href“ text/css,*/*;q=0.1
”
因此您可以使用script:
<?php
$acceptheader=explode(',',$_SERVER['HTTP_ACCEPT']);
if(in_array("text/html", $acceptheader)){
echo '<pre class="prettyprint">var variable="i am direct & not from SRC";</pre>';
}else{
echo 'var variable="i am from SRC";';
}
不要忘记添加标题(“ Content-type:mime”); 在Chrome CSS href上将无法使用输出标头“ text / css ”。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.