I want to set a request header for a url xyz.com
is it the right way to set it in php?
header('Authorization: AuthSub token="xxxxxx"');
header('location:https://www.google.com/accounts/AuthSubRevokeToken');
I am trying to set the header for this URL for a call.But the Authorization: AuthSub header doesnt shows up in the request headers section of the FireFox NET panel.Which is used to show the requests.
Any idea about it?
Thanx.
I was using curl previously,But it didnt seemed to issue any request as i cant see it in the NET panel of FireFox.
Code is as follows:
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL,"https://www.google.com/accounts/AuthSubRevokeToken");
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_FAILONERROR, true);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($curl, CURLOPT_HTTPHEADER, array('Authorization: AuthSub token="1/xxx"'
));
$result = curl_exec($curl);
curl_close($curl);
echo 'hererer'.$result;exit;
header sets response headers, not request headers. (If you were trying to send a HTTP request elsewhere, it would have no effect.)
Please also note what the manual says about Remember that header() must be called before any actual output is sent, ....
And turn on error_reporting(E_ALL); before using header() to see if that is the issue for you.
Header names and values need to be separated by one colon plus a space, so the location "header" is just wrong, it should be:
header('Location: https://www.google.com/accounts/AuthSubRevokeToken');
(It's common to write the case this way, too, but not a need)
Next to that the header function is setting response headers, not request headers. So you're basically using the wrong tool.
In PHP you can not set request headers, that's part of the client (e.g. browser), not the server. So header just looks wrong here. Which HTTP client are you using?
A call, as in using CURL to request another page? The header() function applies only for web-browser<->server communications. It cannot affect any requests your server-side script does to other webservers. For that, you need to modify the particular method you're using, e.g. curl or streams.
For curl, see CURLOPT_HTTPHEADER here: http://php.net/curl_setopt
Related
I'm confused about why there are two options related to setting the request type. They seem redundant to me. From the PHP manual page for curl_setopt():
CURLOPT_POST
TRUE to do a regular HTTP POST. This POST is the normal application/x-www-form-urlencoded kind, most commonly used by HTML forms.
CURLOPT_HTTPGET
TRUE to reset the HTTP request method to GET. Since GET is the default, this is only necessary if the request method has been changed.
If I'm understanding this correctly, by default cURL makes GET requests, but the request type can be changed to POST by doing:
curl_setopt($ch, CURLOPT_POST, true);
However, to change back to GET requests, in addition to doing this:
curl_setopt($ch, CURLOPT_POST, false);
You also have to do this?
curl_setopt($ch, CURLOPT_HTTPGET, true);
You need to look at the libcurl documentation for further insight into the differences between the options as they are quite subtle. The key seems to be if you're reusing the curl handle between requests.
CURLOPT_HTTPGET: Forces the HTTP request to get back to using GET, if a POST, HEAD, PUT, etc has been used previously using the same curl handle.
CURLOPT_POST: Regular POST request using a "Content-Type: application/x-www-form-urlencoded" header which is typically the kind used when submitting HTML forms. The header can then optionally be overriden using CURLOPT_HTTPHEADER.
I'm using this code for to fake the referrer of a user when he clicks on my link, to make it look like he's coming from Facebook:
<?php
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'http://bit.ly/randomurl');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_REFERER, 'https://www.facebook.com/')
$html = curl_exec($ch);
?>
But it doesn't seem to be working, as the referrer I see is the url of the code above.
How can I fix it? And I really could appreciate some help with the coding as I'm not a coder.
I'm using Live HTTP Headers from Mozilla
You are examining the headers sent by Firefox, but the referer header you are setting manually is being sent by PHP/cURL. That is a different HTTP client and a different set of HTTP requests.
Firefox will request your PHP program (and send normal referer headers to it).
Your PHP program will request http://bit.ly/randomurl (and send the referer header you manually specify to it).
http://bit.ly/randomurl will respond to your PHP program.
Your PHP program will respond to Firefox.
I have, of course, read several questions with exactly this asked, but I have to say it didn't work for me at all. What I am about to accomplish is
sending 'X-Requested-With: XMLHttpRequest' header via PHP and curl
sending other http request headers via PHP and curl
provided solutions didn't work for me.
How do I know I'm not sending right http request headers?
Simply by
(1)comparing real headers generated by XMLHttpRequest(triggering JQuery click) and those simulated by PHP and curl in Firefox add-on Live HTTP headers
(2)Print_r() -ing $_SERVER variable in target script
What do I get that is incorrect/below my expectations?
First and most important:
Firefox Live HTTP headers does not capture my headers (just like they don't exists).
Second, by print_r($_SERVER):
if I get anything of simulated headers at all, I get [HTTP_X_REQUESTED_WITH] => XMLHttpRequest - not the: [X_REQUESTED_WITH] => XMLHttpRequest.
That problem persists almost for any header I send via curl_setopt($ch, CURLOPT_HTTPHEADER, $curl_header) - any of these is being prefixed with 'HTTP' ('Header1: value1' - I get 'HTTP_HEADER1').
I'm using XAMPP with PHP version 5.4.7, CURL 7.24.0 .
Before I ask if what I'm trying to accomplish is possible or maybe not and say thanks in advance for responses, it's not bad idea to provide my code - one of many code solutions that I've tried.
$curl_header = array('X-Requested-With: XMLHttpRequest');
$data = "name=miloshio"; // just to be sure I'm doing the POST request
$ch = curl_init('http://example.com/test.php');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, $curl_header);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
curl_setopt($ch, CURLOPT_VERBOSE, true);
$result = curl_exec($ch);
echo $result;
Sum of my questions:
Is it possible to send exactly 'X-Requested-With: XMLHttpRequest'
header via PHP and curl?
Is it possible to avoid attaching 'HTTP_' prefix to custom headers
send by PHP and curl?
Are there well-known limitations in matter of using PHP and curl?
Firefox Live HTTP headers won't show your headers as they're sent by the server to another server and not to the client(browser).
Curl send the headers correctly, using CURLOPT_PROXY You can try to put curl traffic through a debuging proxy like Fiddler if You're using windows for development, I'm sure there are linux alternatives
If you try to get the headers from $SERVER variable, they will be prefixed with HTTP, you can use apache_request_headers to get the headers without HTTP_ prefix.
I am using my webserver for testing, and I am not too sure about how to use the headers of the request right.
It contains of some values that can be set with the curl_setopt() function like the CURLOPT_REFERER, and on the other hand I can simply set up all the header myself using CURLOPT_HTTPHEADER
This is how I am doing this now:
curl_setopt($curl, CURLINFO_HEADER_OUT, true);
$headers=array("Host: localhost/mySite/index.php","Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8","Accept-Language: en-us,en;q=0.5","Accept-Encoding: gzip, deflate","Connection: keep-alive","Referer: https://localhost/mySite/index.php");
curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
But some issues rise when I set the cookie for example.
I see in my webrowser that I have on the very first request a cookie value:
Cookie: ASP.NET_SessionId=rrnrwk453nraysm4u1adlrjk;
ASPSESSIONIDQCDSDBDD=DLHLOOIAJEMBHJODKPGMNEED; ASPSESSIONIDQADQDACD=EMNBELFBMNKGBFKIOOHFPPGI
and for the much that I know the cookie is a response from the server, so this doesn't quite makes sense for me.
My question is, what should I do if I wanted to imitiate my webrowser, how should I go about this?
How do I build the REQUEST HEADER? is it simply copying the contents of HTTPLiveHeaders ?
But what about the cookies ?
Am I doing things right here ?
I'm trying to perform a redirect using cURL. I can load the page fine, that's not a problem, but if I load say google.com non of the images load and the site does not work (obviously because its just printing the HTML and not actually doing a redirect).
Is there any way to perform a redirect using cURL? Sort of similar to how ...
header("Location: http://google.com");
... works?
Any help would be much appreciated.
Well, from my understading, it seems like OP want's to redirect the user to the search results URL.
Using the GoogleAPI would be a first choice and to achieve something like that, I would do this:
<?php
$query = "firefox";
$apiUrl = "http://ajax.googleapis.com/ajax/services/search/web?v=1.0&q=".urlencode($query);
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_URL, $apiUrl);
$content = curl_exec($ch);
$content = json_decode($content);
$luckyUrl = $content->responseData->results[0]->unescapedUrl;
header("Location: ".$luckyUrl);
?>
The code above works like 'I feel lucky'....
Use curl with -L
-L/--location
(HTTP/HTTPS) If the server reports that the requested page has
moved to a different location (indicated with a Location: header
and a 3XX response code), this option will make curl redo the
request on the new place. If used together with -i/--include or
-I/--head, headers from all requested pages will be shown. When
authentication is used, curl only sends its credentials to the
initial host. If a redirect takes curl to a different host, it
won't be able to intercept the user+password. See also --loca‐
tion-trusted on how to change this. You can limit the amount of
redirects to follow by using the --max-redirs option.
When curl follows a redirect and the request is not a plain GET
(for example POST or PUT), it will do the following request with
a GET if the HTTP response was 301, 302, or 303. If the response
code was any other 3xx code, curl will re-send the following
request using the same unmodified method.
So when using cURL
add
curl_setopt($process, CURLOPT_FOLLOWLOCATION, 1);
I'm afraid it is impossible to force the client's browser to send certain POST values and refers, you can only force it to go somewhere, hence header().
Does this answer your question?
It's should to work.pls try this: header( 'Location: http://www.google.com' ).Use the (')single cote instead of "(double)