 |
 |
 |
 |
|
|
Date: 05/22/01
- Next message: Alex Black: "Re: [phplib] OT: Need Auth Advice SOLVED"
- Previous message: Padraic Renaghan: "Re: [phplib] OT: Need Auth Advice SOLVED"
- In reply to: Bob Bowker: "[phplib] OT: Need Auth Advice SOLVED"
- Next in thread: Alex Black: "Re: [phplib] OT: Need Auth Advice SOLVED"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> Hi --
>
> As is often the case, verbalizing the issue yields the answer ... the
> contents of
> getenv("HTTP_REFERER")
> seem to solve my problem: if it's my own URL, it's a local page requesting
> another, otherwise it's a request from "outside" and I need to refuse entry.
yes, it is incredibly easy to spoof.
all you need to do is open up a telnet session to port 80, and you can tell
the server (supposedly) where you came from.
_alex
---------------------------------------------------------------------
To unsubscribe, e-mail: phplib-unsubscribe <email protected>
For additional commands, e-mail: phplib-help <email protected>
- Next message: Alex Black: "Re: [phplib] OT: Need Auth Advice SOLVED"
- Previous message: Padraic Renaghan: "Re: [phplib] OT: Need Auth Advice SOLVED"
- In reply to: Bob Bowker: "[phplib] OT: Need Auth Advice SOLVED"
- Next in thread: Alex Black: "Re: [phplib] OT: Need Auth Advice SOLVED"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]