http-referer

问题 say I have a condition like where I want that if the request is not from these ips ["192.0.2.0/24","203.0.113.0/24"] and if the request doesn't have a referrer among the following [example1.com, example2.com ] then deny it. I know individually I can do something like this: { "Sid": "6", "Effect": "Allow", "Principal": "*", "Action": "s3:GetObject", "Resource": "arn:aws:s3:::my_bucket/*", "Condition": { "IpAddress":{ "aws:SourceIp": ["192.0.2.0/24","203.0.113.0/24"] } } } { "Sid": "7", "Effect

问题 I am trying to redirect users on my site that come from a certian referal site to have a special message. I have this: <?php $REFERER = $_SERVER['HTTP_REFERER']; if ($REFERER == "http://www.url.com/") { ?> Content Goes Here ?> } ?> And they do not get the message I did a test and did it from one of my other sites and echoed what the $_SERVER['HTTP_REFERER']; put out and changed the above code to match it exactly and it worked but I think the issue I am having is the output of the $_SERVER[

问题 Say that I have a link from one.com to two.com/A.html. A.html looks like this <FRAMESET cols="100%"> <FRAME src="B.html"> </FRAMESET> The HTTP Referer on A.html is "one.com", but what will the HTTP referer be on B.html? Is this browser specific? 回答1: it'll be two.com/A.html, the link from the container. It's not browser specific, unless the browser is told to send a different referer via configuration 回答2: It should be two.com/a.html (i.e. the page that has the frameset on it). Remember that

问题 How can you get the HTTP Referrer when redirected from another website, not when they click on a link since it would work for $_SERVER['HTTP_REFERER'] , but it doesn't work when a user has been redirected a website and the referrer would be empty. What will be the method to get the referrer? 回答1: How can you get the HTTP Referrer when redirected from another website You can't. If the redirection takes place under your control, you can add the original referer as a parameter, but if the

问题 I have implemented the following code to htaccess but are still seeing referrers from semalt, such as: 74.semalt.com 89.semalt.com The code: # Block visits from semalt.com RewriteEngine on RewriteCond %{HTTP_REFERER} ^http://([^.]+\.)*semalt\.com [NC] RewriteRule .* - [F] Any idea how these referrers are bypassing this rule (which I found online) and how I can fully prevent them? 回答1: Your code looks good, syntax checks out ok! I used these mod_rewrite methods: RewriteCond %{HTTP_REFERER}

问题 Are there any 'best practices' concerning how one should return a user to their original page after logging in to your website, specifically in PHP? e.g. if I'm viewing a StackOverflow question while not logged in, how would you ensure that I return to this question if I logged in? From my research, it seems a lot of advice centers around the $_SERVER['HTTP_REFERER'] variable. Basically, you take note of the referer and store it in the session, then redirect back to that page when you're done

问题 Suppose I have a webpage located at http://www.website.com with an <iframe> in it. Like this: <html> <head>...</head> <body> ... <iframe src="http://www.washington.edu"> ... </body> </html> Now suppose someone goes to www.website.com and clicks a link in the iframe itself (this link is located on www.washington.edu website). My question is what is the HTTP Referer in this case? Is it http://www.website.com (the page hosting iframe) or is it http://www.washington.edu (the page in which the

问题 I'm trying to get the Referer of my users. Like if they come from facebook, youtube, google or anything else. Now I've tried something like that: $referrer = $this->request->headers->get('referer'); $url = $referrer ? $this->to($referrer) : $this->getPreviousUrlFromSession(); return $url ?: $this->to('/'); // returns: Method referer does not exist. This: return $_SERVER["HTTP_REFERER"] // returns Undefined index: HTTP_REFERER that: session_start(); if ( !isset( $_SESSION["origURL"] ) ) $

问题 I want to know whether 301 redirect always preserve referrer. I make a page called "gotoorig_https.html" which contains a hyperlink to a page "orig_https.asp". "orig_https.asp" will 301 redirect to "dest.html" which shows the document.referrer. In this case, http page(gotoorig_https.html) -> orig_https.asp(301 redirect)-> https page (dest.html) <--the referrer preserves https page(gotoorig_https.html) -> orig_https.asp(301 redirect)-> https page (dest.html) <--the referrer preserves I also

问题 Can I rely on Referer HTTP header in my web application? I want to check if the user came from a particular domain/webpage, and if he or she did, then change the layout of my site accordingly. I know that people can disable Referer in their browsers. Any ideas how often users do that? Can I rely on Referer being present in 99%? 回答1: As a general rule, you should not trust the HTTP Referer Header for any matter of importance, except for purely informative statistical analysis of who your