Noticed that token information when sent to a 3rd party service in the in format "https://domaindotcom/login/token/blah.blah.blah.blah" works fine when copying and pasting it into the browser.
Now, when the same token is sent from a webpage sitting on an internal website via a PHP redirect (using the header function) we get issues. The redirect executes, the token triggers the event with the vendor, but it fails to finalize.
The page sits on a web server which is NOT accessible by the world.
Differences perhaps in what information gets sent out via these two methods?
Would a browser send more info when a PHP script is triggered on it such as referer?
Perhaps referer information received via the PHP header redirect function, and the vendor attempts to ping back (if their server detects a referer), but since the server is not accessible it may be flagged and process killed?
Would appreciate thoughts and ideas on what may be happening. Thank you!
question from:
https://stackoverflow.com/questions/65848881/redirect-to-url-via-header-vs-copying-pasting-url-in-browser 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
