简体中文(ZH-CN)English(EN)繁体中文(ZH-TW)日本語(JA)한국어(KO)Melayu(MS)Français(FR)Deutsch(DE)
Home
Article
Q&A
Course
Topic
Download
Game
Dictionary
Recent Updates

Home  >  Article  >  Backend Development  >  Three ways to forge the URL source of the HTTP_REFERER page in php

Three ways to forge the URL source of the HTTP_REFERER page in php

高洛峰
高洛峰Original
2017-01-03 17:46:032197browse

php gets the URL address of the previous page of the current page, that is, which page the current page is linked from. You can use $_SERVER['HTTP_REFERER'], but the URL address of this source page can be forged and spoofed. This article introduces three methods of forging HTTP_REFERER page URLs. Friends in need can refer to them.

$_SERVER['HTTP_REFERER'] is a super variable used by PHP to determine the parent source page of the page. We can use $_SERVER['HTTP_REFERER'] to determine which page we entered from. This page has been added so we can track it better.

But $_SERVER['HTTP_REFERER'] can also be forged and deceived. There are three ways to forge and deceive $_SERVER['HTTP_REFERER']

The first method: file_get_contents

$opt=array('http'=>array('header'=>"Referer: $refer")); 
$context=stream_context_create($opt); 
$file_contents = file_get_contents($url,false, $context);

stream_context_create in file_get_contents forges important parameters of the source.

Second method: CURL

$ch = curl_init(); 
curl_setopt ($ch, CURLOPT_URL, "http://www.manongjc.com"); 
curl_setopt ($ch, CURLOPT_REFERER, "http://www.manongjc.com"); 
curl_exec ($ch); 
curl_close ($ch);

The parameter http://www.manongjc.com is the forged URL address.

The third method: fsockopen

$server = 'www.manongjc.com'; 
$host = 'www.manongjc.com'; 
$target = 'index.php'; 
$referer = 'http://www.manongjc.com/'; // Referer 
$port = 80; 
$fp = fsockopen($server, $port, $errno, $errstr, 30); 
if (!$fp){ 
 echo "$errstr ($errno)\n"; 
}else{ 
$out = "GET $target HTTP/1.1\r\n"; 
$out .= "Host: $host\r\n"; 
$out .= "Referer: $referer\r\n"; 
$out .= "Connection: Close\r\n\r\n"; 
fwrite($fp, $out); 
while (!feof($fp)){ 
echo fgets($fp, 128); 
} 
fclose($fp); 
}

Among the above three methods, the third method fsockopen has the best performance and effect, so it is recommended that you use the third method.

The above is the collection of information on the source of the URL of the PHP forged HTTP_REFERER page. We will continue to add relevant information in the future. Thank you for your support of this site!

For more php three methods of forging the URL source of the HTTP_REFERER page, please pay attention to the PHP Chinese website for related articles!

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:PHP interception string topic collectionNext article:PHP interception string topic collection

Related articles

See more