CURL User Agent

Question

CURL User Agent

So, how can I test the use of codeigniter if the client is curl, and then return something else for it?

+6

php curl codeigniter user-agent

macintosh264 Nov 19 '11 at 14:49

source share

4 answers

If you want to detect bots, you cannot rely on a user agent. Best practics:

Verify that your visitor is launching js (not all users also work).
Check that your visitor is downloading additional files related to the web page (css, images, etc.).
Check visitors timeouts. People usually do not load 10 pages per second.

+3

Orroboros102 Nov 19 '11 at 15:32

source share

cURL means: - The client library of URLs, and its whole purpose is to make requests identical to what the client would do.

The only thing you can do is to discover information that is part of the request, such as IP address, HTTP header, cookie, cookie, URL (path / page) and any post / get data. If the person using the curl to execute the request executes it from the expected IP address and provides any expected header / cookie / token / URL / column / recipient values, then you will not be able to distinguish the hang request from the browser making the request.

+2

Kamil Lach Nov 19 '11 at 14:57

source share

You can trick or tune the user agent header when using cURL, so it will not be reliable.

Otherwise, you can do this:

 if(strtolower($this->input->server('HTTP_USER_AGENT', true)) == 'curl') { // Is using cURL }

This will only happen if the cURL request contained curl in the user agent header.

As far as I know, when executing a curl request, the default user agent is not installed.

+1

Macmac Nov 19 '11 at 14:57

source share

Pranav hosangadi · Accepted Answer · 2011-11-19T15:03:26+0000

You can fake a user agent when using cURL, so it makes no sense depending on the sender of the user when you KNOW his cURL request.

For example: I recently wrote an application that receives pagerank URLs from Google. Now Google dislikes this, so it only allows a specific user agent to access its pagerank servers. Decision? Trick the user agent using cURL and Google won't get any wiser.

Moral of the story: cURL JUST NOT user agents are reliable.

If you still want to do this, you should be able to get the transferred user agent, as usual,

$userAgent=$_SERVER['HTTP_USER_AGENT'];

EDIT A quick test showed this:

dumpx.php:

 <?php $url="http://localhost/dump.php"; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL,$url); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); if($_GET['u']==y) { curl_setopt($ch, CURLOPT_USERAGENT, "booyah!"); } curl_setopt($ch, CURLOPT_RETURNTRANSFER, 0); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 2); curl_setopt($ch, CURLOPT_TIMEOUT, 60); //curl_setopt($ch, CURLOPT_CUSTOMREQUEST,'GET'); curl_setopt ($ch, CURLOPT_HEADER, 0); $exec=curl_exec ($ch); ?>

dump.php:

 <?php var_dump($_SERVER); ?>

Case 1: http: //localhost/dumpx.php? U = y

  'HTTP_USER_AGENT' => string 'booyah!' (length=7)

Case 2: http: //localhost/dumpx.php? U = n

No $ _SERVER ['HTTP_USER_AGENT']

This proves that there is no default user agent for curl: it just won't pass it in the request header

CURL User Agent

More articles: