Is there a way to only allow calls to come into a script through AJAX and not allow end users to access the page directly?
可以将文章内容翻译成中文,广告屏蔽插件可能会导致该功能失效(如失效,请关闭广告屏蔽插件后再试):
问题:
回答1:
Short answer: Nope.
Long answer: AJAX is absolutely similar to "direct" access to the url. There is literally no difference between them. Actually there is: only one header that can be forged easily
![Prime Path[POJ3126] [SPFA/BFS]](https://oscimg.oschina.net/oscnet/e1200f32e838bf1d387d671dc8e6894c37d.jpg "Prime Path[POJ3126] [SPFA/BFS]")
