tags:

views:

287

answers:

1
Q: 

Alternative Header() command to set Referer in PHP?

Hello PHP magicians!

I am trying to initiate a download from a server that will give a 403 forbidden unless the referrer is set to the same domain. Currently Header() allows me to redirect the user to the file location and init a download, but referrer is always set to my script. Use of curl would cause the file to download on the server side. Can anyone help me find a work around to redirect the user while also setting the referrer???

Example code snippet:

header("Location: $filelocation"); # Need to set Referer = $url
+1  A: 

The Referer, or generally any request header, is always set by the requesting party. Your server, which is the responding party, cannot force the client (browser) to set any specific header for a request. It's completely up to the browser what headers to send.

The only thing you could do is to download the image via cURL, faking any header you want (because you're the requesting party) and output the image from your server to the client (basically acting as a proxy). It sounds like you're doing something you're really not supposed to though, so I'll leave it up to you to figure that out.

deceze  2010-07-13 04:29:50
I understand how to fake headers in curl, but again I need to do this client side. I don't want the files, the clients do. So if PHP can not force the headers of the request is there a way to do it in javascript when i make the request to the php file that currently redirects me?EDIT: I apologize if this is OT as javascript is not in the tags.
ANaNiMuSe  2010-07-13 04:34:42
@ANaNiMuSe You could set request headers using Javascript, yes. You could get the raw image data that way and create an `<img>` element using it. That may or may not be what you want, you won't be able to download just the image, it will always need to be embedded in an HTML page. But you should really read my answer again carefully.
deceze  2010-07-13 04:40:56
I just tryed this as a fix:die("<html><head><title>redirect</title><meta http-equiv=\"Refresh\" content=\"0; URL=$referringurl\"><head><body onLoad=\"javascript: window.location='$filelocation';\"></body></html>");Not werkin... Can you elaborate on your javascript solution? I know a) its possible to accomplish this b) i'm really close to figuring it out but will either need to bang my head against the wall for more hours or find a magician who has encountered this beast before.Thanks in advance!
ANaNiMuSe  2010-07-13 04:55:09
@ANaNiMuSe The only way I could think of using Javascript would be an AJAX request and using images with [Data URIs](http://en.wikipedia.org/wiki/Data_URI_scheme). That's only compatible with a limit number of browsers though. I think any attempt through redirects is doomed.
deceze  2010-07-13 05:21:31

related questions

IDE suggestions: Eclipse IDE vs. Zend Studio ( confused )
MySQL/Apache Error in PHP MySQL query
Lightweight IDE for Linux
What PHP framework would you choose for a new application and why?
Why is my ternary expression not working?
How can I get at the matches when using preg_replace in PHP?
Mechanisms for tracking DB schema changes
Wordpress theme development offline tools
Using object property as default for method property
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
How do you debug PHP scripts?
PHP Variables passed by value or by reference?
Best way to implement unit testing in PHP
Connect PHP to an AS/400
Best way to access Exchange using PHP?
PHP Session Security
How do I access a remote form in php?
What's the best way to generate a tag cloud from an array? (using h1 through h6 for sizing)
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP
How would you access Object properties from within an object method?
Flat File Databases in PHP
Best way to allow plugins for a PHP application
Latest information on PHP upcoming releases