如何获得在PHP中的HTTP请求的起源 [英] How to get http request origin in php

问题描述

我想创建一个API，并验证API的消费者，我将提供一个API密钥，应用ID和App-秘密。问题是，我想知道在哪里HTTP请求是从哪里来的，这样我可以知道这是否正在阙请求的主机是注册的主机。例如：www.someone.com有一个应用ID：0001，应用程序秘密：1200和API密钥：458。如果此凭证用于提出请求，我​​想知道，如果请求者是真的www.someone.com

I want to create an API, and to authenticate API consumers, I will provide an API KEY, App-id and App-Secret. The problem is that I want to know where the http Request is coming from, so that I can know if the Host that is making que request is the registered Host. For example : www.someone.com has an app-id :0001, app-secret:1200 and api-key:458. If this credentials are used to make A request, I want to know if the requester is really www.someone.com

推荐答案

尝试$ _ SERVER ['HTTP_REFERER']
这是该网页（如果有的话），其中提到的用户代理到当前页面的地址。这是由用户代理设置。并不是所有的用户代理将设置这个，而且有的还可以手工修改HTTP_REFERER作为一个功能的能力。

Try $_SERVER['HTTP_REFERER'] It is the address of the page (if any) which referred the user agent to the current page. This is set by the user agent. Not all user agents will set this, and some provide the ability to modify HTTP_REFERER as a feature.

进一步限制

@IIS下方设置的web配置：

@IIS set below in web config:

添加名称=访问控制允许来源VALUE =htt​​p://www.yourdomain.com

add name="Access-Control-Allow-Origin" value="http://www.yourdomain.com"

@Apache低于设定在httpd.conf /的apache.conf

@Apache set below in httpd.conf/apache.conf

头添加访问控制允许来源 http://www.yourdomain.com

Header add Access-Control-Allow-Origin "http://www.yourdomain.com"

这篇关于如何获得在PHP中的HTTP请求的起源的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！