WorldTraffic
более развернуто напишу
сайт1 грузит ифрем
Цитата:
<iframe src="//сайт2.com/old/old"></iframe>
этот ифрейм грузит код в котором еще ифрем
Цитата:
<iframe src="//вот сюда нужно реф сайта1/new/new"></iframe>
сейчас же грузиться реф сайта2
Alexs
WorldTraffic писал:
грузит ифрем
а если без iframe
01112.html
Цитата:
<html>
01112.html
<object data="http://1.0.1.2/1112.html" width="800" height="800">
<embed src="http://1.0.1.2/1112.html" width="800" height="800"> </embed>
Error: Embedded data could not be displayed.
</object>
1112.html
Цитата:
<html>
1112.html
<object data="http://1.0.1.2/111.html" width="600" height="400">
<embed src="http://1.0.1.2/111.html" width="600" height="400"> </embed>
Error: Embedded data could not be displayed.
</object>
111.html
Цитата:
<html>
test
</html>
в логах вижу такое
Цитата:
1.0.1.2 - - [06/Sep/2019:13:16] "GET /01112.html?2=345345 HTTP/1.1" 200 483 "-" "Mozilla/5.0 (X11; Linux x86_64;
1.0.1.2 - - [06/Sep/2019:13:16] "GET /1112.html HTTP/1.1" 200 488 "http://10.0.1.2/01112.html?2=345345" "Mozilla/5.0 (X11; Linux x86_64;
1.0.1.2 - - [06/Sep/2019:13:16] "GET /111.html HTTP/1.1" 200 4935 "http://1.0.1.2/1112.html" "Mozilla/5.0 (X11; Linux x86_64;
зы:
по поводу ифрем
https://developer.mozilla.org/en-US/docs/Web/HTML/Element/iframe
Цитата:
referrerpolicy
Indicates which referrer to send when fetching the frame's resource:
no-referrer: The Referer header will not be sent.
no-referrer-when-downgrade (default): The Referer header will not be sent to origins without TLS (HTTPS).
origin: The sent referrer will be limited to the origin of the referring page: its scheme, host, and port.
origin-when-cross-origin: The referrer sent to other origins will be limited to the scheme, the host, and the port. Navigations on the same origin will still include the path.
same-origin: A referrer will be sent for same origin, but cross-origin requests will contain no referrer information.
strict-origin: Only send the origin of the document as the referrer when the protocol security level stays the same (HTTPS→HTTPS), but don't send it to a less secure destination (HTTPS→HTTP).
strict-origin-when-cross-origin: Send a full URL when performing a same-origin request, only send the origin when the protocol security level stays the same (HTTPS→HTTPS), and send no header to a less secure destination (HTTPS→HTTP).
unsafe-url: The referrer will include the origin and the path (but not the fragment, password, or username). This value is unsafe, because it leaks origins and paths from TLS-protected resources to insecure origins.