How Can I Reliably Determine Page Referrer in PHP?

Reliable Determination of Page Referrer in PHP

Determining the origin of a request can be crucial for validating requests and ensuring security. However, relying on the $_SERVER['HTTP_REFERER'] header for this purpose is discouraged due to its unreliability.

Addressing the Issue

To establish a secure mechanism for determining page referrer, cookies provide a more reliable solution. Cookies are sent along with AJAX requests, allowing you to verify that the requesting page is authenticated or has been visited by the user on your site.

By using cookies, you can create a secure token or session identifier that is passed back to your script. This approach ensures that only requests originating from your site can execute the desired actions.

Example Implementation

1. Create a unique token or session identifier.
2. Set a cookie with the token in the response header of the page that initiates the request.
3. In the script that processes the AJAX request, check for the presence of the cookie.
4. Validate the token or session identifier to verify that it matches the one generated on your site.
5. If validation is successful, allow the requested actions to be performed.

The above is the detailed content of How Can I Reliably Determine Page Referrer in PHP?. For more information, please follow other related articles on the PHP Chinese website!