Home/ Questions/Q 8623043
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-12T07:11:31+00:00

I am working on a live weather data page. Our weather module outputs the

  • 0

I am working on a live weather data page. Our weather module outputs the data in CSV and stores it on my webserver. I then use a PHP script to translate the CSV into an array and then i encode it in JSON and output it so that my jQuery Ajax script can call it every so often to get the latest data and update the page. This is working great so far.

My question is, how can i prevent the URL used to retrieve the JSON (the URL of the aforementioned PHP script) to be opened and viewed in a browser? I tried adjusting the permissions, but to no success.

Thanks in advance to any who are willing to help.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    There is no way of (reliably) identifying a browser as anything that is not some form of “Authentication-Token” can be faked. The server relies on the client to be honest.

    You can detect if a request is an ajax request tho. Here is a link to one way of doing it:

    http://davidwalsh.name/detect-ajax

    This is how he does it:

    /* AJAX check  */
if(!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
    /* special ajax here */
    die($content);
}

    You will want to reverse the statements in the if since it die()s when the request IS ajax.

    There are other ways of detecting ajax, none of which are 100% secure, including you setting a GET variable that helps you identify an ajax call (but that get variable can also be sent via the browser via the address line so well… you get the picture)

    • 0