The following is the encryption and decryption of PHP
$g_v = get_post_meta($post->ID, 'url', true);
function abcEncode($m){
$m = base64_encode($m);
$m = str_replace("Ax","@jkp",$m);
$m = str_replace("ak","@bfg",$m);
$m = str_replace("R","!BeF",$m);
return $m;
}
function abcDecode($m){
$m = str_replace("!BeF","R",$m);
$m = str_replace("@bfg","ak",$m);
$m = str_replace("@jkp","Ax",$m);
$m = base64_decode($m);
return $m;
}
$link = abcEncode($g_v);
?>
Put it in the php file. The iframe calls the encrypted text instead of the original $g_v link. What code is missing to enable the iframe to call the original link and encrypt the source code? As long as the source code looks garbled, it’s fine
Thank you
Reply content:
The following is the encryption and decryption of PHP
$g_v = get_post_meta($post->ID, 'url', true);
function abcEncode($m){
$m = base64_encode($m);
$m = str_replace("Ax","@jkp",$m);
$m = str_replace("ak","@bfg",$m);
$m = str_replace("R","!BeF",$m);
return $m;
}
function abcDecode($m){
$m = str_replace("!BeF","R",$m);
$m = str_replace("@bfg","ak",$m);
$m = str_replace("@jkp","Ax",$m);
$m = base64_decode($m);
return $m;
}
$link = abcEncode($g_v);
?>
Put it in the php file. The iframe calls the encrypted text instead of the original $g_v link. What code is missing to enable the iframe to call the original link and encrypt the source code? As long as the source code looks garbled, it’s fine
Thank you
Refutation is impossible.
Assuming that your idea can be realized, the encrypted address may be '/fdsakj13234@jkp'. If this address is valid, then others can naturally access the address. Otherwise, the address is invalid and the iframe will display 404.
Besides, this assumption makes no sense. People who don't understand won't know the URL by looking at the source code. People who understand can use frames[0].location.href to get the real URL through js.
The person above is right
This is taking off your pants and farting. No matter how you do it, if you want it to be displayed normally, then your link can be accessed
Give you an idea
The address of src is just a disguise, the current content is converted from the value of src