jvs
Reputation: 53
php detect/ get the sender url (or server) of post request
Suppose X.com will send a post request to Y.com How Y know that the sender is X? Without the url query string course.
$_SERVER['HTTP_REFERER'] of http://php.net/manual/en/reserved.variables.server.php seems not the answer. The documentation it self says "it cannot really be trusted".
Should it use key & secret key parameter?
Upvotes: 1
Views: 5084
Answers (1)
DrRoach
Reputation: 1356
Send a secret value across with your request, such as a key which you can check for in your script on X.com
Y.com:
$secret = 'SECRET_KEY';
X.com:
if(!empty(htmlentities($_POST['secret'])) {
if(htmlentities($_POST['secret']) == 'SECRET_KEY') {
//Request came from Y.com
}
}
Upvotes: 1
Related Questions
- How to check if a request if coming from the same server or different server?
- How to get http request origin in php
- Get domain of a POST request
- Getting the domain that calls an PHP file on your server through AJAX
- How I can get origin of request with PHP?
- Verify HTTP post sender in php
- PHP: how to get the host for an ajax request?
- Is it possible to reliably know where an HTTP request originated without scripting?
- Is there a way to securely know the originating server hosting an AJAX call?
- Using PHP, how can I tell if a request originates on the hosting server?