服务器可以阻止curl请求吗?
我正在开发 ZOHO API 并尝试使用 cURL 更新记录。我尝试了不同的 cURL 变体,但它总是返回“false”。但是当我使用浏览器调用相同的 URL 时,它就可以工作。
有什么办法可以阻止 cURL 请求吗?有没有其他方法可以使用 POST 或 GET 请求来调用该 URL?
我尝试过的cURL代码如下:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HEADER, 0);
$data = curl_exec($ch);
curl_close($ch);
I am working on ZOHO API and trying to update the record using cURL. I tried different cURL variations, but it always returns "false". But when I call the same URL using a browser, it works.
Is there any way they can block cURL requests? Is there any other way I can call that URL using a POST or maybe a GET request?
The cURL code I have tried is as below:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HEADER, 0);
$data = curl_exec($ch);
curl_close($ch);
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
许多 Web 服务器希望阻止由浏览器以外的其他设备伪造的 HTTP 请求,以防止机器人滥用。
如果您想从浏览器模拟/假装您的请求,您至少必须:
传递与浏览器完全相同的标头(使用 ie Firebug 获取它们)
更改用户代理(浏览器名称)
启用 cookie(例如重定向和会话处理)
添加引荐来源网址
并祈祷您没有错过任何内容!
Many web servers want to block HTTP requests forged by something else than a browser, to prevent bots abuses.
If you want to simulate/pretend your request from a browser, you at least have to:
Pass the exact same headers than your browsers (use ie Firebug to get them)
Change the user agent (name of the browser)
Enable cookies (for eg redirection and session handling)
Add referers
And pray you haven't missed anything!
服务器本身无法阻止 cURL 请求,但它们可以阻止任何它们不喜欢的请求。如果服务器检查您的 cURL 请求不满足的某些参数,它可能会决定以不同的方式响应。
在绝大多数情况下,这种行为差异是由 HTTP 请求标头的存在(或不存在)和值触发的。例如,服务器可能会检查
User-Agent标头是否存在并且具有有效值(它还可以检查许多其他内容)。要了解来自浏览器的 HTTP 请求是什么样子,请使用 HTTP 调试代理,例如 Fiddler 或浏览器的开发者工具。
要将您自己的标头添加到 cURL 请求中,请使用
Servers cannot block cURL requests per se, but they can block any request that they do not like. If the server checks for some parameters that your cURL request does not satisfy, it could decide to respond differently.
In the vast majority of cases, this difference in behavior is triggered by the presence (or absence) and values of the HTTP request headers. For example, the server might check that the
User-Agentheader is present and has a valid value (it could also check lots of other things).To find out what the HTTP request coming from the browser looks like, use an HTTP debugging proxy like Fiddler or your browser's developer tools.
To add your own headers to your cURL request, use
回答您的问题“有什么方法可以阻止 CURL 请求吗?”:是的,事实上,人们可以通过读取
User-Agent标头来检测 cURL 请求。您可以通过调用
curl_setopt($ch, CURLOPT_USERAGENT, 'My user agent string!');来更改用户代理。To answer your question "Is there any way they can block CURL requests?": Yes, in fact one may detect a cURL request by reading the
User-Agentheader.You can change the user agent by calling
curl_setopt($ch, CURLOPT_USERAGENT, 'My user agent string!');.为了详细说明这一点,您可以使用curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0');或类似的东西来伪造用户代理。在这种情况下,服务器会认为 Firefox 浏览器正在发出请求。
Just to elaborate a little more on this, you can use the curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0'); or something like that to fake the user agent. In this case, the server would think a Firefox browser was making the request.