How can an embedded website tell who is embedding it?

Question

I have a simple HTML website www.some_website.com. On the index.html page, I am embedding an external php script called embedded_site.php from an external source.

I am using the <embed> tag to embed the php script into the website like so.

<body>
  <div style="width:100%; text-align:center;">  
      <embed type="text/html" src="https://myotherwebsite.com/embedded_site.php">
  </div>
</body>

How can the embedded_site.php detect which site is embedding it?

+---------------------------------+
|      www.some_website.com       |
|   +-------------------------+   |
|   | embedded_site.php       |   |
|   | detected: embedded by   |   |
|   | some_website.com!       |   |
|   +-------------------------+   |
|                                 |
+---------------------------------+

I have tried in embedded_site.php:

<?php echo($_SERVER['REMOTE_ADDR']);?>

but that gives me the IP of the client, not the embedding site www.some_website.com.

Intended Purpose

If the embedded_site.php script is embedded on the wrong site, it needs to be able to detect that and disable itself.

[https://stackoverflow.com/questions/5404811/php-get-domain-name](https://stackoverflow.com/questions/5404811/php-get-domain-name). — Sfili_81, Sep 26 '18 at 07:00
Are you looking for: gethostname(); Or, an option that also works before PHP 5.3 php_uname('n'); http://php.net/manual/en/function.gethostname.php — E3Im, Sep 26 '18 at 07:12
@Mike that only returns the name of the server, not the public IP — Oscar Chambers, Sep 26 '18 at 07:16

score 1 · Answer 1 · answered Sep 26 '18 at 07:11

1

what about this:

$_SERVER['REQUEST_URI']

instead of

$_SERVER['REMOTE_ADDR']

answered Sep 26 '18 at 07:11

Dato DT

129
1
1
9

That would return "/php/embedded_link.php" but I need the url of the website that is embedding the page – Oscar Chambers Sep 26 '18 at 07:15

How can an embedded website tell who is embedding it?

1 Answers1