PHP, how do you check the page you asked?
-
I need to make sure that the request to the violin comes from my server. I found it.
$_SERVER['REQUEST_URI']but it only shows a relative path to the file itself.(/order/order.php)♪ I'm using a violin through ajax, maybe that's the problem?How do I get a full path or make sure my server's asking?
-
There's a heading Referrer that shows where the request came from. Brauser may not send this information, and then you can't find out.
If the browser sent this information, it's in the $SERVER.
Information from http://php.net/manual/ru/reserved.variables.server.php :
Page address (if any) that led the user ' s browser to That page. This heading is established by a web-based browser The user. Not all browsers set it and some as the contents of the change headline HTTP_REFERER. In short, he can't really be trusted.
If you want to protect yourself from counterfeiting requests, you can add an undetected token known only to your server to every request. In this way, if a request comes without a suitable token, it will be denied access, which is commonly used for protection from CSRF, which leads to the ability of the hacker to carry out a mass of different actions on behalf of other registered visitors on an unprepared website.
