如何检查perl cgi请求是否来自本地主机
我想向本地主机 HTTP 请求公开用 Perl 编写的服务。我不想修改 Apache 配置。如何检查 Perl CGI HTTP 请求是否来自本地主机?
我希望此检查能够成功,即使此调用是通过虚拟主机进行的,例如。 https://www.myserivce.com/hidden/service.pl 鉴于调用由 www.myserivce.com 内部制作。
I would like to expose a service written in Perl to localhost HTTP requests. I do not want to modify Apache configuration. How to check whether a Perl CGI HTTP request originates from localhost?
I want for this check to succeed even if this call is made through a virtual host eg. https://www.myserivce.com/hidden/service.pl given that the call is made from inside of www.myserivce.com.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
REMOTE_ADDR,但这是一种愚蠢的方法,因为你将身份验证逻辑放入应用程序中。
相反,仅将独立 Web 服务器绑定到本地接口,从而操作系统的 IP/网络堆栈保证没有来自外部的请求可以到达服务器。
REMOTE_ADDR, but that's a dumb way to do it because you put the authentication logic in the application.
Instead, bind a stand-alone Web server to local interface only, thus the operating system's IP/networking stack guarantees that no request from outside can reach the server.
我认为,如果您在
/etc/hosts文件中放入myservice.com和 ip 127.0.0.1 的条目,那么从 localhost 到您网站的所有请求都将具有 <代码>REMOTE_ADDR 设置为 127.0.0.1 。恐怕这是唯一的方法,除非您向
127.0.0.1/hidden/service.pl而不是myservice.com/hidden/service.pl< 发出请求/代码>I think that if you put in
/etc/hostsfile an entry withmyservice.comand ip 127.0.0.1 then all the requests from localhost to your site will have theREMOTE_ADDRset to 127.0.0.1 .I am afraid that this is the only way to do it, unless you are making requests to
127.0.0.1/hidden/service.plinstead ofmyservice.com/hidden/service.pl我使用了以下代码:
我不认为它涵盖了所有情况,但似乎适用于我的设置。如果有人知道通用解决方案,请在此处提交。
I have used the following code:
I do not think it covers all cases, but seems to work with my setup. If anybody knows a generic solution then please submit it here.