dongyao4419 2013-05-31 14:47
浏览 15
已采纳

HTTP referer是否始终在顶级域结束?

I'm assuming the answer is "no" but I haven't been able to find confirmation.

If it varies based on language, I'm interested in both the HTTP headers (e.g. PHPs $_SERVER['HTTP_REFERER']) and JS's document.referrer, though I assume they come from the exact same place and will be identical.

If I want to test that something has come specifically from google.com, is it safe to do a regex match with /\.google\.com\/?$/, or might something come after .com/?

I know that HTTP headers can be easily spoofed, but I might as well make this as accurate/airtight as possible for those who aren't doing anything underhanded.

  • 写回答

2条回答 默认 最新

  • duandi1919 2013-05-31 15:00
    关注

    Okay, nevermind, a 5 second check confirmed this for me. The answer is "no". It's usually the full URL of the referrer, which of course might not end in the TLD. It's just that, when using HTTPS, Google hides the rest of the URL (containing your search query and other info) and just sends https://www.google.com as the referrer.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥20 机器学习能否像多层线性模型一样处理嵌套数据
  • ¥20 西门子S7-Graph,S7-300,梯形图
  • ¥50 用易语言http 访问不了网页
  • ¥50 safari浏览器fetch提交数据后数据丢失问题
  • ¥15 matlab不知道怎么改,求解答!!
  • ¥15 永磁直线电机的电流环pi调不出来
  • ¥15 用stata实现聚类的代码
  • ¥15 请问paddlehub能支持移动端开发吗?在Android studio上该如何部署?
  • ¥20 docker里部署springboot项目,访问不到扬声器
  • ¥15 netty整合springboot之后自动重连失效