Y
Y
yagipen2021-11-19 22:16:22
PHP
yagipen, 2021-11-19 22:16:22

How to prevent PHP from following HTTP Location header?

Now I'm testing the security of my site, for technical reasons I can't prevent users from viewing directories through the .htaccess file, so I redirected it to the same directory. As a result, when receiving from PHP, I observe HTTP/1.1 301 Moved Permanentlywhether it is possible to somehow bypass the redirect from PHP and wait for the output of the web server?

Answer the question

In order to leave comments, you need to log in

3 answer(s)
D
DevMan, 2021-11-19
@yagipen

no way. just don't send it.
and, for those who are in the tank, the client follows the location, not the elephant.
and directory browsing is prohibited by other means.

I
Ipatiev, 2021-11-20
@Fockker

The question is rare in its meaninglessness.
And from the very beginning. Why on earth does "prohibit directory browsing" have anything to do with "site security"?
Then it's funny. What are these "technical reasons" that allow you to write some kind of, most likely, RewriteRule in .htaccess, but suddenly do not allow you to write Options -Indexes?
Then comes some kind of madness, "I can't forbid, so I redirected to it." STA? Maybe after all not on him, but from him?
Well, the icing on the cake - it turns out that the security of the site depends on the ability of PHP not to respond to the redirect. The entire infrastructure of the world, the security of banks and nuclear power plants is at stake: the question of the century: should puff-puff headlines or not.
I'm not talking about the fact that "PHP" does not follow any headers. There are several different ways to make an HTTP request from PHP, and accordingly, for each method, the prohibition of following the Location header will be different. That is, without specifying the way in which the request is made, it is somewhat naive to hope for an answer.

S
SagePtr, 2021-11-20
@SagePtr

Pull through curl and see if it returns anything besides the header or not.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question