drzbc6003 2010-02-12 02:29
浏览 50
已采纳

如何代理页面并退出循环?

I have a service (in PHP):

  • A User browser accesses Private URL at the Service
  • Service decodes Private URL and fetches page from a Client Server (Curl)
  • Service modifies page from Server according to Private URL info in a database
    • Response headers (content length, set-cookie[server-domain])
    • Add a <base> tag for relative href's
    • Add javascript to set form fields to initial values
  • Service forwards modified page to User browser (and is done with any further interaction) as the form action attribute points at the Client Server.

Question: the set-cookie headers do not seem to work, maybe just a debugging issue, BUT is this a good way to do this? If not, how better?

And it is because a sales guy sold the service already.

  • 写回答

1条回答 默认 最新

  • douchuituo3032 2010-02-16 06:19
    关注

    The issues here turns out to be cross-domain cookies, a distinct non-no as it is one of the essential moves of an attack vector.

    The browser is not accepting the cookies with the re-written domain names, as indeed it should not (neither in the response headers nor in javascript).

    The proper solution can only be had by fully proxying the Client Server.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 maple软件,用solve求反函数出现rootof,怎么办?
  • ¥50 汇编语言除法溢出问题
  • ¥65 C++实现删除N个数据列表共有的元素
  • ¥15 Visual Studio问题
  • ¥15 state显示变量是字符串形式,但是仍然红色,无法引用,并显示类型不匹配
  • ¥20 求一个html代码,有偿
  • ¥100 关于使用MATLAB中copularnd函数的问题
  • ¥20 在虚拟机的pycharm上
  • ¥15 jupyterthemes 设置完毕后没有效果
  • ¥15 matlab图像高斯低通滤波