The HTTP anti-theft chain and anti-theft chain

HTTP anti-theft chain

Last time, I was not so unfamiliar with HTTP requests. Anti-theft chain is just someone else to request their own site information, for other sites, then if we can identify the request is from that site, if it is an external network, then redirect and other processing. At the Web server level, however, the server determines whether the request is from an extranet or intranet based on the Referer header information of the HTTP protocol . Basic understanding of this principle. Proceed to the next step.

• Loading and Writing module

Before removing the rewrite module in the Apache configuration file #

• In a Web site or directory that requires an anti-theft chain, build a. htaccess file, write rewrite rules

Rewriteengine on

%{request_filename}. *\. (jpg|jpeg|gif| png| HTML) [NC] #对网站外网访问进行重写

%{http_referer}! localhost [nc]rewriterule  . *   www.baidu.com

Anti-theft chain

Since the anti-theft chain is through the head information Referer to judge, then we forged a header information to collect and so on.

classImplement_socketImplementsphp_socket{protected $http _tpye= ' http/1.1 '; protected $url= ' '; protected $request _type= ' '; protected $lines= ' '; protected $fsoket _open= ' '; protected $port= ' '; protected $errstr= ' '; protected $timeout= 0;  Public $parse _url= ' '; protected $content _type= ' '; protected $content _length= 0; protected $body= ' '; protected $header _info=Array(); function__construct ($url,$request _type= ",$port= 80,$timeout= 5)    {        $this->url =$url; $this->request_type =$request _type; $this->port =$port; $this->timeout =$timeout; $this-Parse_url=Parse_url($url); //links        $this-Connect (); }    /** Set Request line **/     Public functionget () {$this->content_type = ' text/html '; $this->lines =$this->request_type. ‘ ‘ .$this-Parse_url[' Path ']. ‘ ‘ .$this-Http_tpye; return $this-request (); }     Public functionPost$param)    {        //Set Header information        $this->content_type = ' application/x-www-form-urlencoded '; $data=$this->body_info ($param); $this->header_info[] = ' content-length: '.strlen($data); $this->lines =$this->request_type. ‘ ‘ .$this-Parse_url[' Path ']. ‘ ‘ .$this-Http_tpye; $this->body =$data; return $this-request (); }     Public functionrequest () {$getinfo= ' '; /*Echo $this->lines. "\ r \ n". Implode ("\ r \ n", $this->header_info). "\n\r\n".        $this->body; Exit ();*/        //link Successful Write header information        fwrite($this->fsoket_open,$this->lines. "\ n".implode("\ n",$this->header_info). "\n\r\n".$this-body);  while(!feof($this-Fsoket_open)) {            $getinfo.=fgets($this->fsoket_open, 2048); }        fclose($this-Fsoket_open); return $getinfo; }    /** Link **/     Public functionConnect () {Try {            $this->fsoket_open =Fsockopen($this-Parse_url[' Host '],$this->port,$this->ERRSTR,$this-timeout); } Catch(Exception $exception) {            Echo' Connect is failed: '.$exception->getmessage (). ' r\n '.$this-Errstr; }    }    /** Set HEADER information **/     Public functionHeader_info ($head _arraay=Array())    {        $this->header_info =$head _arraay; }    /** Set Body **/     Public functionBody_info ($param= ' ')    {        //request string after generating Url-encode        return $param; }}//anti-theft chain$http=NewImplement_socket (' http://localhost/smarty/explain.png ', ' GET ');$http->header_info (Array(    ' referer:http://localhost/smarty/', "Host:".$http-Parse_url[' Host ']));//write the file in//echo strstr ($http->get (), ' \r\n\r\n ');file_put_contents(' Caiji.png ',substr(strstr($http->get (), "\r\n\r\n"), 4);

The HTTP anti-theft chain and anti-theft chain