开发者

HTTP_REFERER empty when redirected by Auth Component

开发者 https://www.devze.com 2023-03-31 09:33 出处:网络
In CakePHP when you try to access a protect action you are automatically taken to the login form within your app. However the HTTP_REFERER is empty????

In CakePHP when you try to access a protect action you are automatically taken to the login form within your app. However the HTTP_REFERER is empty????

$referer = env('HTTP_REFERER');

echo $referer;

So normally when I visit the login page I will see the previous page URL with this code displayed, but if I visit the login page after being taken there by the Auth Component then it will be empty...

why is it empty? as I was just referred???

and how do I get it to acknowledge the redirect as a referal? NOTE: Using the Auth.Redirect session value is not an option in this case because it will stay around af开发者_JAVA技巧ter the person has left the site, so for example if they return to the login page it will show the ORIGINAL requested action and NOT the referred page! So it will act as a referral even when its not because it's using the existing session

EDIT:

As an alternate example:

    if(isset($_SERVER['HTTP_REFERER'])) {
        echo $_SERVER['HTTP_REFERER'];
    }
    else
    {
        echo 'their was no referer';
    }

When the user is taken to the login form it will say their was no referer but that's obviously not TRUE! ????


HTTP_REFERER is a way of the browser to tell the server what page the user was visiting before. It does not signal what page the user has just been redirected from.

Take for example the Ads on Stackoverflow here. Clicking on one of them will take you to some long URL at adzerk.net, which records your click and then redirects you to the target URL. The intermediate Adzerk page is not an interesting page in itself and the user is never actually seeing it, unless he's paying close attention to the address bar. In fact there isn't even a "page" there. So it doesn't count as a "page visit". The next page will receive stackoverflow.com as the referer, the intermediate redirect page is irrelevant.

Stackoverflow -> Adzerk redirect -> Some advertiser
                                    HTTP_REFERER: stackoverflow.com

There's also no referer at all if you type an address into the address bar. If you're on Stackoverflow and type yahoo.com into the address bar, Yahoo will not see any referer from you. If you click on a link that takes you from Stackoverflow to Yahoo, the browser does send a referer.

In your case, if you directly access a protected action by typing it in the address bar and get redirected, there simply is no previous page you came from.


As per the comments, here how to inject data into the URL while redirecting:

AppController extends Controller {

    function redirect($url, $status = null, $exit = true) {
        if (is_array($url)) {
            $url['?'] = 'redirect=true';
        } else {
            $url.= '?redirect=true';
        }
        return parent::redirect($url, $status, $exit);
    }

}


Is $_SERVER['HTTP_REFERER'] also empty?

If it is empty it is not set by the server, this means normally there was no referer, you did a simple refresh or called this page via bookmark. See some use cases for referer here: http://www.electrictoolbox.com/php-http-referer-variable/


Have you tried the refer controller?

$refer = Controller::referer(); // referral url

0

精彩评论

暂无评论...
验证码 换一张
取 消