问题描述
我似乎遇到了 Internet Explorer 7 的问题.我有一个 html 页面,其中包含指向另一台服务器上的文件的链接.我链接到的服务器检查请求的引用者,如果引用者有效,它允许访问资源.它在 firefox 2 和 3 中工作正常(因为我的 html 页面所在的服务器是一个有效的引用),但在 Internet Explorer 中它不起作用,另一台服务器拒绝了我的资源(生成一个 http 403 错误).我正在做一些搜索并偶然发现了这个 http://support.microsoft.com/kb/178066 并且我已经尝试了 https 和 http 中的 html 页面,并且对于我正在连接的服务器进行了相同的操作,但是我在 Internet Explorer 中什么也没有.我该怎么做才能解决这个问题?
it seems I have run into a problem with Internet Explorer 7.I have an html page that has links to files on another server. The server I am linking to checks the referrer of the request and if the referrer is valid, it allows access to the resource. It works fine in firefox 2 and 3 (as the server my html page is located on is a valid referer) but in internet explorer it doesn't work, the other server denies me the resource(generates an http 403 error). I was doing some searching and stumbled on this http://support.microsoft.com/kb/178066 and I have tried the html page in both https and http and same thing for the server I am connecting to but I get nothing Internet explorer. what can I do to work around this?
谢谢
推荐答案
您可能想要使用不同的机制.推荐人很容易被欺骗.检查引用确实不是一个好的安全解决方案,如果它们会让你头疼,也许你想找到另一种方法.
You may want to use a different mechanism anyway. Referrers are easily spoofed. Checking referrers really isn't a good security solution, and if they're going to cause you headaches like this, maybe you want to find another way.
例如,生成第一个页面的服务器可以向第二个服务器的 URL 添加授权令牌,第二个服务器可以检查令牌是否有效.这样,所有细节都在您的控制之下,您唯一指望的浏览器行为就是将完整的 URL 发送到第二台服务器.
For example, the server generating the first page could add an authorization token to the URLs to the second server, and the second server could check that the tokens are valid. This way, all of the details are under your control, and the only browser behavior you're counting on is that the full URL is sent to the second server.
这篇关于Internet Explorer http 引荐来源问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!