I have a PHP server running on Apache, I get lots of request looks like this,
10.1.1.211 - - [02/Sep/2010:16:14:31 -0400] "GET /request?_=1283458471913&action=get_list HTTP/1.1" 200 547 0 "http://www.example.com/request" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8 (.NET CLR 3.5.30729)" 28632 15602
The _ parameter is mysteriously added to the request. I am trying to find out who is doing that.
There is a NetScaler running in front of Apache.
jQuery adds a parameter like that to get around IE's caching.
edit:
it only adds it for get requests, and only if the option cache is false:
cache: false
It could be the JQuery CacheBuster parameter.
Resources :
[jQuery] GData JSON queries "Invalid query parameters:_"
[jQuery] Turn off Cache Busting in $.getScript
Cache-busting
Probably it's a dummy parameter added by the reverse proxy to force non-cached content to be served.
1283458471913 is a unix timestamp in ms, probably a bot/proxy making sure that they get a fresh page and not a cached version.
Could also be jQuery which would cause this for AJAX request of you have the nocache attribute set to true.
if ( s.cache === false && type == "GET" ) {
var ts = now();
// try replacing _= if it is there
var ret = s.url.replace(/(\?|&)_=.*?(&|$)/, "$1_=" + ts + "$2″);
// if nothing was replaced, add timestamp to the end
s.url = ret + ((ret == s.url) ? (s.url.match(/\?/) ? "&" : "?") + "_=" + ts : "");
}
Ajax tools, like jQuery, is able to ask the browser not to cache the requested result, so every request from the loaded web page will travel to web server and get the newest response.
In order to achieve that, set cache flag as false, then an additional query parameter, like _=1234567890, is appended into the request URL. Of course the number is always changing, so the browser thinks it as a brand-new request and won't provide any cached things.
Related
I see some weird code in a site. I am very confused about this. There is the http request that I tested my own server:
http://192.168.1.3/folder/ui/login_html.php/TEST/TEST
The folder named login_html.php and TEST are not exist.I checked the debug information for Chrome.It can properly request files but cannot parse it.debug information
.
It seems that will request all css and js resources which referenced in the login_html.php, And the request is initiated by TEST.
By the way, I did nothing in login_html.php, I just reference files and write some html code.
There is an apache information in access_log and nothing in error_log:
"GET /cos/ui/login_html.php/TEST/js/cloudmanager.js HTTP/1.1" 200 9564 "http://192.168.1.3/cos/ui/login_html.php/TEST/TEST" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.86 Safari/537.36"
I am confused about this.And can someone explain it?
Everything after the ? is the query string.
Often this contains variables in the form var1=value1&var2=value2. In that case, PHP parses these automatically and puts them in the $_GET array.
In your example the query string doesn't contain a normal set of variables, so the $_GET array would likely be little use. However, you could just get the entire query string from the $_SERVER array.
$var = $_SERVER['QUERY_STRING'];
// $var would be "/HOME/getVersion"
simplexml_load_file() does not load XML file when the URL includes an ampersand symbol. I have tried two examples with and without ampersand:
$source1 = simplexml_load_file("http://www.isws.illinois.edu/warm/data/outgoing/nbska/datastream.aspx?id=ncu");
print_r($source1); //works
$source2 = simplexml_load_file("http://forecast.weather.gov/MapClick.php?lat=38.8893&lon=-77.0494&unit=0&lg=english&FcstType=dwml");
print_r($source2); //no output
First example works well as it does not includes ampersand, but the second example does not work as it include ampersand.
I have referenced
simplexml_load_file with & (ampersand) in url with Solr and simplexml_load_file ampersand in url but it did not work.
The issue is not the ampersand in the URL. The issue, instead, is that weather.gov appears to be blocking these types of requests. They will not allow users that do not have a useragent set.
The fastest way to get around this is to set a UserAgent within PHP, which you can do by putting this code above your xml call:
ini_set('user_agent', 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:9.0) Gecko/20100101 Firefox/9.0');
However, I would recommend using CURL instead of simplexml_load_file, as simplexml_load_file is often restricted by server configuration. If you were to do this with curl, you'd want to do something like the first answer here:
SimpleXML user agent
I have tested this locally and got it working just by specifying a user agent.
EDIT: Also, welcome to SO! Be sure to vote often ;D
I have been looking into an option to send data read from an attached file in an Outlook message, directly to a PHP script that will then insert the date in a nice MySQL database.
The extraction of the file and the splitting of data all ok, but here is the trick...
From the internet (here) I found a nice post by Jeremy Slade who has managed to send some data to a cgi scipt, all good.
So, clever as I thought I was, I thought I could re-write this into dealing with a PHP script.
But then the works stopped.
I have shortened the code to below snippet;
Sub TestURL()
Set xhr = CreateObject("MSXML2.XMLHTTP")
URL = "http://somedomain.com/php/test.php"
data = "someVariable=Test"
With xhr
.Open "POST", URL, False
.setRequestHeader "Content-Type", "application/x-www-form-urlencoded"
.Send data
End With
End Sub
This should, in theory, open a MSXML2.XMLHTTP request at the given URL and send whatever data with it to the script.
Funny enough, the script is called, but no data is passed ?
I've tried setting the PHP script to both $_GET and $_POST for the [someVariable] element, yet on neither is there any response ?
When I set the PHP to $_GET I matched the VBA MSXML2.XMLHTTP object to "GET" as well and vice versa...
I've tried passing the 'data' variable as argument to the 'function' .send by including it in brackets
i.e.
.send (data)
But this doesn't work either...
I'm a bit at a loss, because the script is called, a dataline is added to the table yet there is not an actual transfer of the 'sent' data ??
I've tried connecting the data string to the URL that is passed to the HTTP object, essentially passing a 'GET' URL to the HTTP object.
i.e.
URL = URL & "?" & data
but to no avail...:-(
The php script works in itself properly, if I pass data directly from the browser
i.e.
http://somedomain.com/php/test.php?someVariable=Test
the data is correctly added and the variable is read...
Can some more enlightened spirits guide me in the right direction ?
20141016 ********** UPDATE **********
Ok, when digging into stuff I found there is also an option to refer to the XmlHttp object as "Microsoft.XmlHttp" ?
Funny enough, when setting the object like that,
i.e.
Set xhr = CreateObject("Microsoft.XMLHTTP")
The code works and the data is added to the table and the .responsText is a success message.
Yet if I return to the original code, I get a PHP error message that tells me that there is an error in my PHP syntax ?? This would imply that the actual 'data' that is being send differs between using "MSXML2.XMLHTTP" and using "Microsoft.XMLHTTP" ???
Have tried to dig out the difference between the two from internet but can't find any post that provides me with a full understanding of the subject ?
Despite the fact that my code now works, I still have the bothering question of not understanding the difference between the two and would appreciate a reply from someone who does :-) As I now have a code that works, but not an understanding of why it works...:-)
Or mroeover not an understanding of why the "MSXML2" option does NOT work...
Much appreciated,
Kindest regards
Martijn
This is not exactly an answer but more like a comment as I lack enough reputation to comment.
The issue can be analyzed using Fiddler which provides details of the requests and responses. I checked the same code as yours in my system with both MSXML2.XMLHTTP and Mirosoft.XMLHTTP objects and found no difference in teh requests. Both of them passed the POST request body containing someVariable=Test to the URL http://somedomain.com/php/test.php.
Here is the raw POST request in both cases:
POST http://somedomain.com/php/test.php HTTP/1.1
Accept: */*
Accept-Language: en-us
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/5.0; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; .NET4.0C; .NET4.0E; MS-RTC LM 8)
Host: somedomain.com
Content-Length: 17
Proxy-Connection: Keep-Alive
Pragma: no-cache
someVariable=Test
And the response from the sample URL provided:
HTTP/1.1 405 Method Not Allowed
Server: nginx/1.7.6
Date: Thu, 08 Jan 2015 15:23:58 GMT
Content-Type: text/html
via: HTTP/1.1 proxy226
Connection: close
<html>
<head><title>405 Not Allowed</title></head>
<body bgcolor="white">
<center><h1>405 Not Allowed</h1></center>
<hr><center>nginx/1.7.6</center>
</body>
</html>
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
One question here would be whether the web server in question is expecting further data to be passed by the way of headers (User-Agent, Referer, Cookies etc) or as part of the request body (may be further input elements that are part of the webform)?
I'm using a basic URL shortening script for one of my sites so that I can manage the URLs internally (and have less trailing characters on the urls). It's working well, but I'd like to be able to use Google Analytics to track the clicks.
I've found this: http://code.google.com/p/serversidegoogleanalytics/ which seems to achieve this using events, but I'm not using Zend. It mentions using curl to customise it, but without any knowledge of curl, would it simply be a case of amending this function from within the class:
public function getHttpClient () {
if(!$this->httpClient instanceof Zend_Http_Client) {
include_once("Zend/Http/Client.php");
$this->httpClient = new Zend_Http_Client();
$this->httpClient->setConfig(array(
'maxredirects' => 1,
'timeout' => 4
));
$this->httpClient->setHeaders('Referer', "http://" . self::$trackingDomain . "/");
$this->httpClient->setHeaders("User-Agent", "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.7) Gecko/2009021910 Firefox/3.0.7 (.NET CLR 3.5.30729)");
$this->httpClient->setCookieJar();
}
return $this->httpClient;
}
You should be able to convert that to curl quite easily.
Curl is basically.
get a curl handler
configure the request through the handler
do the request and grab the result if you need
Check out the examples page, it's pretty simple
http://au.php.net/manual/en/curl.examples-basic.php
EDIT: there's even examples of Analytics with curl on google..
http://www.electrictoolbox.com/google-analytics-login-php-curl-username-password/
I'm trying to download the contents of a web page using PHP.
When I issue the command:
$f = file_get_contents("http://mobile.mybustracker.co.uk/mobile.php?searchMode=2");
It returns a page that reports that the server is down. Yet when I paste the same URL into my browser I get the expected page.
Does anyone have any idea what's causing this? Does file_get_contents transmit any headers that differentiate it from a browser request?
Yes, there are differences -- the browser tends to send plenty of additionnal HTTP headers, I'd say ; and the ones that are sent by both probably don't have the same value.
Here, after doing a couple of tests, it seems that passing the HTTP header called Accept is necessary.
This can be done using the third parameter of file_get_contents, to specify additionnal context informations :
$opts = array('http' =>
array(
'method' => 'GET',
//'user_agent ' => "Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2) Gecko/20100301 Ubuntu/9.10 (karmic) Firefox/3.6",
'header' => array(
'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*\/*;q=0.8
'
),
)
);
$context = stream_context_create($opts);
$f = file_get_contents("http://mobile.mybustracker.co.uk/mobile.php?searchMode=2", false, $context);
echo $f;
With this, I'm able to get the HTML code of the page.
Notes :
I first tested passing the User-Agent, but it doesn't seem to be necessary -- which is why the corresponding line is here as a comment
The value is used for the Accept header is the one Firefox used when I requested that page with Firefox before trying with file_get_contents.
Some other values might be OK, but I didn't do any test to determine which value is the required one.
For more informations, you can take a look at :
file_get_contents
stream_context_create
Context options and parameters
HTTP context options -- that's the interesting page, here ;-)
replace all spaces with %20