$_SERVER['HTTP_X_REQUESTED_WITH'] 是否存在于 PHP 中? [英] Does $_SERVER['HTTP_X_REQUESTED_WITH'] exist in PHP or not?
问题描述
在整个互联网上,甚至包括 Stack Overflow,人们都说检查请求是否为 AJAX 的好方法是执行以下操作:
All over the Internet, included even here at Stack Overflow, people state that a good way to check if a request is AJAX or not is to do the following:
if (strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest' ) {...}
但是,我在 官方 PHP 文档
However, I don't see $_SERVER['HTTP_X_REQUESTED_WITH'] in the official PHP documentation
当我尝试执行以下操作时:
And when I try to do the following:
echo $_SERVER['HTTP_X_REQUESTED_WITH'];
什么都没有输出.
我做错了吗?因为我真的很想能够使用 $_SERVER['HTTP_X_REQUESTED_WITH'] 如果它可用.
Am I doing something wrong? Because I'd really like to be able to use $_SERVER['HTTP_X_REQUESTED_WITH'] if it's available.
推荐答案
$_SERVER 中的变量实际上并不是 PHP 的一部分,这就是您在 PHP 文档中找不到它们的原因.它们由 Web 服务器准备,然后将它们传递给脚本语言.
The variables in $_SERVER are not really part of PHP, which is why you won't find them in the PHP documentation. They are prepared by the Web server which passes them on to the scripting language.
据我所知,X-Requested-With 是由大多数主要框架的 Ajax 函数发送的,但不是全部(例如,Dojo 两年前才添加的:
As far as I know, the X-Requested-With is sent by the Ajax functions of most major Frameworks but not all (Dojo, for example, added it only two years ago: #5801). As such, and taking into considerations @bobince' comments, it's safe to say it's not generally a 100% reliable method to determine whether a request is an AJAX request or not.
唯一 100% 安全的方法是随请求一起发送预定义的标志(例如 GET 变量),并让接收页面检查该标志是否存在.
The only 100% secure way is to send a pre-defined flag (e.g. a GET variable) along with the request and for the receiving page to check for the presence of that flag.
这篇关于$_SERVER['HTTP_X_REQUESTED_WITH'] 是否存在于 PHP 中?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
