如何将 HTTP 引用地址传递给 PHP 脚本

发布于 2024-08-07 03:10:06 字数 534 浏览 7 评论 0原文

这看起来应该很简单。任何指示将不胜感激。

考虑三个站点:

  • widgetserver.com,它向客户端站点提供小部件
  • clientsite.com,显示小部件
  • previoussite.com,这是一个链接到 clientsite.com 的网站

在clientsite.com 的页面中,有一段代码调用widgetserver.com 上的PHP 函数。它看起来像这样:

当 clientsite.com 加载时,它运行“show_widget.php”,这又将小部件放在页面上,

这就是我陷入困境的地方:我想从“show_widget.php”内部访问将用户引向clientsite.com的网站,但在这个函数我们在 widgetserver.com 上,所以引用者是 clientsite.com,而不是 previoussite.com。

有什么方法可以将 clientsite.com 的引用者传递给“show_widget.php”吗?

This seems like it should be simple. Any pointers would be much appreciated.

Consider three sites:

  • widgetserver.com, which serves widgets to client sites
  • clientsite.com, which displays the widget
  • previoussite.com, which is a site that links to clientsite.com

In clientsite.com's page there is a piece of code that calls a PHP function on widgetserver.com. It looks like this:

<script type="text/javascript" src="http://widgetserver.com/show_widget.php></script>

When clientsite.com is loaded, it runs "show_widget.php", which in turn places the widget on the page.

This is where I am stuck: I would like to access the site that referred the user to clientsite.com from inside "show_widget.php", but while in this function we are on widgetserver.com, so the referrer is clientsite.com, not previoussite.com.

Is there any way I can pass clientsite.com's referrer to "show_widget.php"?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

初心 2024-08-14 03:10:06

document.referrer 包含您想要的引用者信息,因此如果它们正在运行 javascript,您可以执行以下操作:

<script language="javascript" type="text/javascript">
var script = document.createElement("script");
script.src = "http://widgetserver.com/show_widget.php?r="+document.referrer;
document.getElementsByTagName("head")[0].appendChild(script);
</script>

这将需要位于 head 标记之外(除非它位于绑定到文档就绪事件或其他事件的函数中) ),否则会失败。

其背后的想法是在页面上生成具有所需属性的动态标记。第一行创建它,第二行设置脚本 src,第三页将其加载到 document.head DOM 元素中,这会导致对其进行评估,并根据需要加载文档。

如果您的客户使用 jQuery,则使用 $.getScript 更容易,与 document.referrer 的用法类似

document.referrer contains the referrer information you want, so if they're running javascript, you could do something like this:

<script language="javascript" type="text/javascript">
var script = document.createElement("script");
script.src = "http://widgetserver.com/show_widget.php?r="+document.referrer;
document.getElementsByTagName("head")[0].appendChild(script);
</script>

This will need to go OUTSIDE of the head tag (unless it's in a function being bound to the document ready event or something), or it will fail.

The idea behind this is to generate a dynamic tag on the page with the attributes you want. The first line creates it, second line sets the script src, and the third page loads it into the document.head DOM element, which causes it to be evaluated, and loads the document as required.

If your clients are using jQuery, it is easier to use $.getScript, with a similar use of document.referrer

晒暮凉 2024-08-14 03:10:06

您无法从 show_widget.php 脚本中“猜测”此信息:客户端必须将该信息传输到您的脚本。

这意味着您的小部件应该包含一些像这样的代码(假设客户端上的页面是用 PHP 生成的)

<script 
    type="text/javascript" 
    src="http://widgetserver.com/show_widget.php?referer=<?php echo urlencode($_SERVER['HTTP_REFERER']); ?>>
</script>

当然:

  • 在将引用者注入页面时不要忘记转义它,因为为了安全性(并获得有效的 HTML),
  • 引用者可能并不总是存在:它是由用户的浏览器发送的,并且可以被伪造和/或禁用。

为了避免在用户浏览器没有发送引用者时生成/显示“注意:未定义索引:HTTP_REFERER”,您可能还需要添加一个检查,以在使用它之前查明它是否已定义 - 使用 isset 为此;例如,类似这样的事情可能会这样做:

<script 
    type="text/javascript" 
    src="http://widgetserver.com/show_widget.php?referer=<?php echo isset($_SERVER['HTTP_REFERER']) ? urlencode($_SERVER['HTTP_REFERER']) : ''; ?>>
</script>

You cannot "guess" this information from your show_widget.php script : clientsite will have to transmit that information to your script.

Which means your widget should be included with some code like this (provided the page on clientsite is generated in PHP) :

<script 
    type="text/javascript" 
    src="http://widgetserver.com/show_widget.php?referer=<?php echo urlencode($_SERVER['HTTP_REFERER']); ?>>
</script>

Of course :

  • don't forget to escape the referer while injecting it into the page, for security (and to get valid-HTML)
  • the referer might not always be present : it is sent by the user's browser, and can be both faked and/or disabled.

To avoid a "Notice: Undefined index: HTTP_REFERER" from being generated/displayed when there is no referer sent by the user's browser, you might also want to add a check, to find out if it's defined before using it -- use isset for that ; for instance, something like this might do :

<script 
    type="text/javascript" 
    src="http://widgetserver.com/show_widget.php?referer=<?php echo isset($_SERVER['HTTP_REFERER']) ? urlencode($_SERVER['HTTP_REFERER']) : ''; ?>>
</script>
勿忘初心 2024-08-14 03:10:06

您可以检测 clientside.com 主脚本上引用的内容并将其作为变量传递给您的脚本:

// clientsite.com script
<?PHP

    echo $main_page;
    $ref = $_SERVER['HTTP_REFERER'];
    echo '<script type="text/javascript" ' .
      'src="http://widgetserver.com/show_widget.php?r=' . $ref . '></script>';

?>

// widgetserver.com script
<?PHP
    $original_referrer = $_REQUEST['r'];
?>

You could detect the referred on the main script of clientside.com and pass it as a variable to your script:

// clientsite.com script
<?PHP

    echo $main_page;
    $ref = $_SERVER['HTTP_REFERER'];
    echo '<script type="text/javascript" ' .
      'src="http://widgetserver.com/show_widget.php?r=' . $ref . '></script>';

?>

// widgetserver.com script
<?PHP
    $original_referrer = $_REQUEST['r'];
?>
~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文