PHP中$_SERVER['HTTP_ORIGIN']是什么意思?
array (size=35)
'HTTP_HOST' => string 'localhost' (length=9)
'HTTP_CONNECTION' => string 'keep-alive' (length=10)
'HTTP_CACHE_CONTROL' => string 'max-age=0' (length=9)
'HTTP_ACCEPT' => string 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8' (length=63)
'HTTP_USER_AGENT' => string 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1566.2 Safari/537.36' (length=107)
'HTTP_ACCEPT_ENCODING' => string 'gzip,deflate,sdch' (length=17)
'HTTP_ACCEPT_LANGUAGE' => string 'zh-CN,zh;q=0.8' (length=14)
'HTTP_COOKIE' => string 'bdshare_firstime=1398236005607; AJSTAT_ok_times=1' (length=49)
'PATH' => string 'C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64;E:\eclipse-php-helios-win32-x86_64\eclipse\bin;D:\Program Files (x86)\WinMerge;D:\Program Files\TortoiseSVN\bin;' (length=316)
'SystemRoot' => string 'C:\Windows' (length=10)
'COMSPEC' => string 'C:\Windows\system32\cmd.exe' (length=27)
'PATHEXT' => string '.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC' (length=53)
'WINDIR' => string 'C:\Windows' (length=10)
'SERVER_SIGNATURE' => string '' (length=0)
'SERVER_SOFTWARE' => string 'Apache/2.4.4 (Win64) PHP/5.4.12' (length=31)
'SERVER_NAME' => string 'localhost' (length=9)
'SERVER_ADDR' => string '127.0.0.1' (length=9)
'SERVER_PORT' => string '80' (length=2)
'REMOTE_ADDR' => string '127.0.0.1' (length=9)
'DOCUMENT_ROOT' => string 'D:/wamp/www' (length=11)
'REQUEST_SCHEME' => string 'http' (length=4)
'CONTEXT_PREFIX' => string '' (length=0)
'CONTEXT_DOCUMENT_ROOT' => string 'D:/wamp/www' (length=11)
'SERVER_ADMIN' => string 'webmaster@dummy-host2.example.com' (length=33)
'SCRIPT_FILENAME' => string 'D:/wamp/www/test/index.php' (length=26)
'REMOTE_PORT' => string '61326' (length=5)
'GATEWAY_INTERFACE' => string 'CGI/1.1' (length=7)
'SERVER_PROTOCOL' => string 'HTTP/1.1' (length=8)
'REQUEST_METHOD' => string 'GET' (length=3)
'QUERY_STRING' => string '' (length=0)
'REQUEST_URI' => string '/test/' (length=6)
'SCRIPT_NAME' => string '/test/index.php' (length=15)
'PHP_SELF' => string '/test/index.php' (length=15)
'REQUEST_TIME_FLOAT' => float 1398489942.177
'REQUEST_TIME' => int 1398489942
没有你说的这一项,
可以看一下
http://stackoverflow.com/questions/4566378/how-secure-http-origin-is
是啊,我也没见过这个,不会是高php版本新出的吧,话说你给的链接都是英文啊看不懂呵呵,不过还是很感谢你啊
Storm代理
2023-08-29 广告
The HTTP_ORIGIN is neither sent by all browsers nor it is secure to trust. You should really use:
echo $_SERVER['HTTP_REFERER'];
The issue happens to you because that particular browser hasn't set the origin. You don't trust HTTP_REFERER as well. It is as insecure as the former.
shareimprove this answeredited Dec 19 '16 at 21:21answered Dec 19 '16 at 21:19Praveen Kumar120k20110157
1 as long as you dont trust HTTP_REFERER as it is set by the browser. can be faked, or often emptied by various software for security – user557846 Dec 19 '16 at 21:20 More Info Here about it stackoverflow.com/questions/4566378/how-secure-is-http-origin – chop62 Dec 19 '16 at 21:21 Both of you, updated the answer. :D – Praveen Kumar Dec 19 '16 at 21:211 @PraveenKumar i demand 10% of the pay ;-) – user557846 Dec 19 '16 at 21:221 i think we agree. – user557846 Dec 19 '16 at 21:31
show 7 more comments。
