Menu
On a server, is it possible to identify requests made by a Flash client running in the browser vs. requests made by a regular XMLHttpRequest?
I noticed that requests made using a flash, have this header:
X-Requested-With:ShockwaveFlash/25.0.0.127
Is this a standard header, or is this is behavior different for different browsers \ flash versions?
604
You can use HTTP header Referer to check whether a request is made by Flash or JavaScript. If a request is made by Flash, then the Referer would be the URL of the .swf object. Thus, if the Referer URL contains .swf resource, the request must come from Flash.
According to ActionScript 3.0 document, Referer is a restricted header and cannot be defined by end user. In JavaScript side, unless hacked by JS programmer, it is very unlikely to see an HTTP request whose Referer is .../xxx.swf.
For X-Requested-With, it is not a standard HTTP header and cannot be trusted. Even in URLRequest API, X-Requested-With is not restricted and can be defined by end user, refer to doc.
193
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
