i've a jquery script which post/get data to .php script. but i wanna prevent direct access to the php script. for example if the user look at the html source code,they will be able to access the php script directly by copying the url from the js file and i dont want that. how do i prevent users from doing that?? i want the user to use it via the html UI. i've google but found no link on this. however, i did notice that some popular websites are able to do that. how should i go about doing this??
阻止直接访问jquery post url
- 写回答
- 好问题 0 提建议
- 追加酬金
- 关注问题
分享- 邀请回答
-
4条回答 默认 最新
- doumei4964 2012-01-31 14:10关注
It seems like a simple redirect is what you're looking for here.
Add something like this to the top of your php file. This will prevent the page from being accessed if the proper post has not been made. Of course you'll have to change the post and redirect to content more relevant to your project.
if (!isset($_POST['data'])) { header('Location: your-redirect-location'); }You may also be able to redirect based on the $_SERVER['HTTP_REFERER'] variable.
EDIT: I was going to explain this in a comment but it's too long. I should note that this is a simple solution. It will keep people from accidentally accessing your script. It's really difficult to create a 100% secure solution for your issue, and if somebody really wants to access it, they will be able to. If you don't have anything secure in the script in question, this will be fine. Otherwise, you'll have to look for an alternative.
本回答被题主选为最佳回答 , 对您是否有帮助呢?解决 无用评论 打赏举报 分享
- 2017-03-14 10:00回答 7 已采纳 你都访问不到后台,你后台只写一个类,怎么知道找谁啊。建个servlet
- 2022-04-30 16:33回答 2 已采纳 model.addAttribute()是为了给JSP页面传值你怎么直接在js里面直接接收咧javascript与jsp中不能相互传值,因为javascript运行在客户端,jsp运行在服务器端。若想
- 2021-11-29 22:26回答 2 已采纳 因为题主调用了Response.BinaryWrite输出内容。和方法什么返回值没关系。如果方法设置了返回值,那么要在最后返回和方法定义的类型一样的数据,要不编译时会报错。mvc的直接定义返回值为Ac
- 2020-12-04 01:33使用ajax在前端验证是否执行某个操作 jquery.post参数为 url,[data],[callback],[type] url:发送请求地址。 data:待发送 Key/value 参数。 callback:发送成功时回调函数。 type:返回内容格式,xml, html, script, ...
- 2022-03-17 22:32回答 2 已采纳 用setInterval定时器来实时更新你题目的解答代码如下: <!DOCTYPE html> <html lang="en"> <head> <me
- 2012-12-17 16:12回答 2 已采纳 You are right, using a browser or $.get are basically the same. The only difference is that an AJA
- 2022-07-11 20:56回答 1 已采纳 if ($request_method = 'POST') {add_header 'Access-Control-Allow-Origin' '*或者是你允许的域名';add_header 'Acc
- 2022-03-17 09:09Qx7的博客 前端通过Jquery封装Ajax发送post请求,上传文件携带参数
- 2022-03-11 16:18回答 2 已采纳 代码没看出什么问题。自动刷新目测是提交表单了,有下面的可能1)jquery没有正确导入导致事件没绑定上,比如路径错误2)执行click事件绑定的代码放到dom前面了没绑定上事件,导致提交了表单。需要放
- 2023-01-31 19:58回答 3 已采纳 jQuery选择器返回的是jQuery对象数组,所以要用下标访问才能获取DOM元素 var $deleteForm = $("#delete_form")[0]; 确实容易搞混😂用多了就差点忘了自
- 2022-04-22 14:20回答 3 已采纳 应该是由于按钮类型的submit,直接提交到form标签设置的action地址,可以将type="submit"改为type="button" <button type="button" id=
- 2023-09-01 10:20努 力 小 子的博客 场景:点击保存后数据库修改成功,同时要调用存储过程。 $.ajax({ url: [[@{/后端路径}]] method:'GET/POST', syccess: function(response){ alert("成功"); console.log(response); } });
- 2017-01-13 15:34回答 1 已采纳 I have fixed the problem. This is the button now: $.fn.dataTable.ext.buttons.export = { class
- 2022-10-18 19:42我要puppy的博客 flask与前端通过ajax传递数组(post)
- 2022-05-12 19:34Coder_Xy的博客 $.post(url, (data) => { }); $.ajax({ url: "", method: "POST", data: { }, contentType: { }, headers: { }, success: ( ) => { }, error: ( )=>{ }, complete: ( )=>{ } }) ...
- 没有解决我的问题, 去提问
悬赏问题
- ¥60 求一个简单的网页(标签-安全|关键词-上传)
- ¥35 lstm时间序列共享单车预测,loss值优化,参数优化算法
- ¥15 基于卷积神经网络的声纹识别
- ¥15 Python中的request,如何使用ssr节点,通过代理requests网页。本人在泰国,需要用大陆ip才能玩网页游戏,合法合规。
- ¥100 为什么这个恒流源电路不能恒流?
- ¥15 有偿求跨组件数据流路径图
- ¥15 写一个方法checkPerson,入参实体类Person,出参布尔值
- ¥15 我想咨询一下路面纹理三维点云数据处理的一些问题,上传的坐标文件里是怎么对无序点进行编号的,以及xy坐标在处理的时候是进行整体模型分片处理的吗
- ¥15 CSAPPattacklab
- ¥15 一直显示正在等待HID—ISP