1. 首页
  2. 问题
  3. get_headers不一致
一尘不染

get_headers不一致

php

运行以下代码

var_dump(get_headers("http://www.domainnnnnnnnnnnnnnnnnnnnnnnnnnnn.com/CraxyFile.jpg"));

对于任何不存在的域或URL,返回HTTP 200而不是404

Array
(
    [0] => HTTP/1.1 200 OK
    [1] => Server: nginx/1.1.15
    [2] => Date: Mon, 08 Oct 2012 12:29:13 GMT
    [3] => Content-Type: text/html; charset=utf-8
    [4] => Connection: close
    [5] => Set-Cookie: PHPSESSID=3iucojet7bt2peub72rgo0iu21; path=/; HttpOnly
    [6] => Expires: Thu, 19 Nov 1981 08:52:00 GMT
    [7] => Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
    [8] => Pragma: no-cache
    [9] => Set-Cookie: bypassStaticCache=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; httponly
    [10] => Set-Cookie: bypassStaticCache=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; httponly
    [11] => Vary: Accept
)

如果你跑

var_dump(get_headers("http://www.domain.com/CraxyFile.jpg"));

你得到

Array
(
    [0] => HTTP/1.1 404 Not Found
    [1] => Date: Mon, 08 Oct 2012 12:32:18 GMT
    [2] => Content-Type: text/html
    [3] => Content-Length: 8727
    [4] => Connection: close
    [5] => Server: Apache
    [6] => Vary: Accept-Encoding
)

它们get_headers被证明是验证现有URL的解决方案的实例很多

这是Bug还是get_headers不是验证URL的可靠方法

观看现场演示

更新1

发现CURL也有同样的问题

$curl = curl_init();
curl_setopt_array($curl, array(CURLOPT_RETURNTRANSFER => true,CURLOPT_URL => 'idontexist.tld'));
curl_exec($curl);
$info = curl_getinfo($curl);
curl_close($curl);
var_dump($info);

阅读 274

收藏
2020-05-29

共1个答案

一尘不染

问题与域名的长度无关,只是域名是否存在。

您正在使用DNS服务,该服务将不存在的域解析到服务器,该服务器为您提供“友好的”错误页面,该页面返回200响应码。这意味着它也不是一个问题get_headers(),它完全依赖于合理的DNS查找。

在不对所使用的每个环境进行硬编码的情况下解决此问题的方法可能类似于以下内容:

// A domain that definitely does not exist. The easiest way to guarantee that
// this continues to work is to use an illegal top-level domain (TLD) suffix
$testDomain = 'idontexist.tld';

// If this resolves to an IP, we know that we are behind a service such as this
// We can simply compare the actual domain we test with the result of this
$badIP = gethostbyname($testDomain);

// Then when you want to get_headers()
$url = 'http://www.domainnnnnnnnnnnnnnnnnnnnnnnnnnnn.com/CraxyFile.jpg';

$host = parse_url($url, PHP_URL_HOST);
if (gethostbyname($host) === $badIP) {
  // The domain does not exist - probably handle this as if it were a 404
} else {
  // do the actual get_headers() stuff here
}

您可能希望以某种方式缓存对的第一次调用的返回值gethostbyname(),因为您知道自己正在查找不存在的名称,这通常需要几秒钟的时间。

2020-05-29