使用浏览器检测 MSISDN(手机号码) [英] Detect an MSISDN (mobile number) with the browser

问题描述

除了这个 X-header x-up-calling-line-id 之外，是否还有其他 HTTP 头可以用来检测移动用户号码?

Are there any HTTP headers one can use to detect a mobile users number other than this X-header x-up-calling-line-id ?

我想尽可能多地检测所有浏览器以覆盖所有平台手机.

I want to detect from all browsers as much as possible to cover all platform mobiles.

推荐答案

我会给你与我在一个非常相似的问题上给出的完全相同的答案，因为它应该能让你深入了解你想要实现的目标.

I will give you the exact same answer I gave to a very similar question as it should provide some insight into what you are trying to achieve.

获取访问 WAP 站点的用户的 MSISDN 的能力取决于许多因素.

The ability to get the MSISDN of the user visiting the WAP site depends on a number of things.

首先，用户必须使用移动数据.如果用户使用 WiFi，那么您将不会收到此信息.

Firstly, the user has to be on Mobile Data. If the user is on WiFi then you will not receive this information.

其次，用户的移动网络必须支持在 HTTP 标头中传递 MSISDN.

Secondly, the users mobile network has to support the passing of the MSISDN in the HTTP headers.

某些移动网络会针对所有请求发送标头.其他人仅在通过特定 APN 时发送.有些只将此标头发送到特定的 IP 地址/块.我什至遇到过将 MSISDN 作为 $_GET 变量发送的网络.您需要与您打算支持的每个网络进行核对.

Some mobile networks send headers on all requests. Others only send if going through a specific APN. Some only send this header to specific IP addresses/blocks. I have even come across networks that send the MSISDN as a $_GET variable. You will need to check with each network that you intend to support.

例如，直到大约 6 个月前，南非的一个特定网络过去一直在标头中发送 MSISDN，现在为了在标头中接收 MSISDN，您的服务器地址需要与它们一起列入白名单.

For example, a particular network in South Africa used to send MSISDNs in headers until around 6 months ago, and in order to receive the MSISDN in the headers now your server address needs to be whitelisted with them.

还请记住，标头很容易被欺骗，除非您确定自己是 HTTP 请求的发起者，否则不应依赖标头，例如在 Android 应用程序中使用 Web 视图的情况下 - 您需要自己采取足够的措施.

Also remember that headers are very easy to spoof, and shouldn't be relied on unless you are guaranteed that you are the originator of the HTTP request, such as in instances where you are using Web Views inside of Android Applications - you would need to put sufficient measures in place yourself.

考虑到所有这些，您应该寻找以下内容:

With all of that in mind, here is what you should be looking for:

查看您的标头以查找以下任何内容.这根本不是 MSISDN 标头的完整列表，它们只是我在移动开发冒险中遇到的那些.

Look through your headers for any of the following. This is not a comprehensive list of MSISDN headers at all, they are only the ones I have come across in my adventures in mobile development.

• X-MSISDN
• X_MSISDN
• HTTP_X_MSISDN
• X-UP-CALLING-LINE-ID
• X_UP_CALLING_LINE_ID
• HTTP_X_UP_CALLING_LINE_ID
• X_WAP_NETWORK_CLIENT_MSISDN

我所做的是遍历标题以查找任何匹配项.如果我没有找到任何匹配项，我会再次使用特定于国家/地区的 MSISDN 正则表达式针对这些值运行标头，以查看在我不知道的密钥标头中是否存在任何潜在的 MSISDN.如果我找到潜在的匹配项，我会将密钥和数据添加到一个列表中，稍后我可以查看该列表，以便添加到我的已知 MSISDN 标头列表中.

What I do is run through the headers looking for any matches. If I don't find any matches I run through the headers again using a country-specific MSISDN regex against the values to see if there are any potential MSISDNs in the headers on keys that I do not know about. If I find a potential match I add the key and data to a list that I can go through later in order to add to my list of known MSISDN headers.

我希望这已经让我明白了一些.最重要的是要记住，这不是获取 MSISDN 的可靠方法.

I hope this has bought some clarity. What is most important to remember is that this is not a reliable method for getting an MSISDN.

这篇关于使用浏览器检测 MSISDN(手机号码)的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！