模拟Ajax请求 && Laravel判断Ajax请求原理

06. March 2019 Laravel 0

曾有人告诉我,对到达后端的请求,可进行请求方式判断(主要判断是否为Ajax请求),可抵挡一部分非法恶意请求,在我读过请求头后,模拟了下Ajax请求,再次对互联网数据共享宗旨深信不疑。

1.先看laravel对Ajax的判断

public function ajax()
{
    return $this->isXmlHttpRequest();
}
public function isXmlHttpRequest()
{
   return 'XMLHttpRequest' == $this->headers->get('X-Requested-With');
}

2.模拟Ajax请求

public function test(Request $request)
{
    if ($request->ajax()) {
        return "Ajax请求";
    } else {
        return "非Ajax请求";
    }
}
public function get()
{
    $client = new Client([
        'headers' => [
            "X-Requested-With" => "XMLHttpRequest",
        ],
    ]);
    $result = $client->get("http://local.myuniuni.com/test123");
    $data = $result->getBody()->getContents();
    echo $data;
}
无论什么方式,后端均判断为Ajax请求。

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.