我已经设置了一个在线php curl http标头检索器。
如何运作:用户转到URL https://www.example.com/header/,然后有一个输入字段,用户可以在其中输入域名。然后单击提交。然后,PHP使用curl检索网站的http标头。仅当网站有效时,它才会检索在那里输入的标题,否则将等待5秒钟,然后关闭连接。如果该网址无效,则不会执行curl(PHP使用正则表达式来获取该网址)。
但是,如果用户在输入字段中输入“ localhost”,它将检索localhost。如何阻止它从本地网络检索网站?我对此没有任何疑问。所以请帮助我。
它使用的cURL选项是:
curl_setopt($ch, CURLOPT_URL, $domain);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, 1);
curl_setopt($ch, CURLOPT_NOBODY, 1);
curl_setopt($ch, CURLOPT_TIMEOUT_MS, 5000);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0);
//Is there any option I could use to not allow local network connection?
以防万一,如果拥有完整的代码,这会更容易:
<form action="" method="get">
<p><b><label for="domain">Domain/IP Address:</label></b> <input type="text" name="url" id="url" value="<?=htmlentities($_GET["url"], ENT_QUOTES);?>"> <input type="submit" class="btn home" value="Lookup"></p>
</form>
<?php
$domain = htmlentities($_GET["url"], ENT_QUOTES);
$ch = curl_init();
// set url
curl_setopt($ch, CURLOPT_URL, $domain);
//return the transfer as a string
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
//enable headers
curl_setopt($ch, CURLOPT_HEADER, 1);
//get only headers
curl_setopt($ch, CURLOPT_NOBODY, 1);
curl_setopt($ch, CURLOPT_TIMEOUT_MS, 5000);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0);
// $output contains the output string
$output = htmlentities(curl_exec($ch), ENT_QUOTES);
$curlinfo = curl_getinfo($ch);
// close curl resource to free up system resources
curl_close($ch);
if($domain) {
if (!preg_match("~^(?:f|ht)tps?://~i", $domain)) {
// If not exist then add http
$domain = "http://" . $domain;
}
if (filter_var($domain, FILTER_VALIDATE_URL)) {
$result = $output;
echo "<div id='result'>";
if (trim($result) != "") {
echo "<pre style='background-color: #EEEEEE; overflow: auto;'><b>\n" . $result . "\n</b></pre>\n";
echo "Took ". $curlinfo["total_time"]. "seconds.";
} else {
echo "<b>Couldn't fetch website. This might be because the website takes more than 5 seconds to load or because the website does not exist.</b>";
}
echo "</div>";
} else {
echo "Invalid Domain/IP!";
}
}
?>