I know similar questions have been asked before but I haven't been able to implement any of them successfully. I also know the security implications of using the referer header but i'm okay with that.
I have a webpage and a directory
page1.php
/content/all_of_my_content_files
I'm using iframes to access everything in the content directory but I would only like this content accessible from page1.php (no other page should be able to access this directory)
I've read the easiest way to do this is to use .htaccess in that directory to check the http_referer, except I'm not to sure on how to do this.
Essentially what I would like is to check if the http_referer exactly matches the url of page1.php and if it doesn't to redirect back to page1.php (there are security checks on page1.php that validates the user is logged in)
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
