HTTP anti-theft chain
Last time, I was not so unfamiliar with HTTP requests. Anti-theft chain is just someone else to request their own site information, for other sites, then if we can identify the request is from that site, if it is an external network, then redirect and other processing. At the Web server level, however, the server determines whether the request is from an extranet or intranet based on the Referer header information of the HTTP protocol . Basic understanding of this principle. Proceed to the next step.
Before removing the rewrite module in the Apache configuration file #
Rewriteengine on
%{request_filename}. *\. (jpg|jpeg|gif| png| HTML) [NC] #对网站外网访问进行重写
%{http_referer}! localhost [nc]rewriterule . * www.baidu.com
Anti-theft chain
Since the anti-theft chain is through the head information Referer to judge, then we forged a header information to collect and so on.
classImplement_socketImplementsphp_socket{protected $http _tpye= ' http/1.1 '; protected $url= ' '; protected $request _type= ' '; protected $lines= ' '; protected $fsoket _open= ' '; protected $port= ' '; protected $errstr= ' '; protected $timeout= 0; Public $parse _url= ' '; protected $content _type= ' '; protected $content _length= 0; protected $body= ' '; protected $header _info=Array(); function__construct ($url,$request _type= ",$port= 80,$timeout= 5) { $this->url =$url; $this->request_type =$request _type; $this->port =$port; $this->timeout =$timeout; $this-Parse_url=Parse_url($url); //links $this-Connect (); } /** Set Request line **/ Public functionget () {$this->content_type = ' text/html '; $this->lines =$this->request_type. ‘ ‘ .$this-Parse_url[' Path ']. ‘ ‘ .$this-Http_tpye; return $this-request (); } Public functionPost$param) { //Set Header information $this->content_type = ' application/x-www-form-urlencoded '; $data=$this->body_info ($param); $this->header_info[] = ' content-length: '.strlen($data); $this->lines =$this->request_type. ‘ ‘ .$this-Parse_url[' Path ']. ‘ ‘ .$this-Http_tpye; $this->body =$data; return $this-request (); } Public functionrequest () {$getinfo= ' '; /*Echo $this->lines. "\ r \ n". Implode ("\ r \ n", $this->header_info). "\n\r\n". $this->body; Exit ();*/ //link Successful Write header information fwrite($this->fsoket_open,$this->lines. "\ n".implode("\ n",$this->header_info). "\n\r\n".$this-body); while(!feof($this-Fsoket_open)) { $getinfo.=fgets($this->fsoket_open, 2048); } fclose($this-Fsoket_open); return $getinfo; } /** Link **/ Public functionConnect () {Try { $this->fsoket_open =Fsockopen($this-Parse_url[' Host '],$this->port,$this->ERRSTR,$this-timeout); } Catch(Exception $exception) { Echo' Connect is failed: '.$exception->getmessage (). ' r\n '.$this-Errstr; } } /** Set HEADER information **/ Public functionHeader_info ($head _arraay=Array()) { $this->header_info =$head _arraay; } /** Set Body **/ Public functionBody_info ($param= ' ') { //request string after generating Url-encode return $param; }}//anti-theft chain$http=NewImplement_socket (' http://localhost/smarty/explain.png ', ' GET ');$http->header_info (Array( ' referer:http://localhost/smarty/', "Host:".$http-Parse_url[' Host ']));//write the file in//echo strstr ($http->get (), ' \r\n\r\n ');file_put_contents(' Caiji.png ',substr(strstr($http->get (), "\r\n\r\n"), 4);
The HTTP anti-theft chain and anti-theft chain