Tips Application Architecture
Application Architecture
Derefer Sites
by: Jens Daumann
|
September 10, 2000
TIP Difficulty: Beginner
Your member would be very angry with you. To protect your members against this mechanism you should use a so called "Dereferer". This is a script which is called whenever a user clicks on a link on your site. If www.big-bad-hacker.com now reads out the referer it is capturing the URL of the dereferer page which does not contain the session id.
The HTTP Protocol provides the header REFERER containing the last visited URL by the user. Sometimes this is very useful, but also a security risk. All information of an query string appended to the URL by a ? are send to another server.
Especially this is a risk when the programmer of a PHP script transfer a session ID in this querystring. All servers linked , e.g. in an members section, can read out the session ID by using the referer header.
Imagine you linked the www.big-bad-hacker.com, a script on this server discover by calling a script that you came from www.my-good-site.com/members.php?session_id=123456789 and now opens in the same script the members site and download some security related information from your members site, e. g. the members credit card number.
Here the code Solution:
Set all links as follows: <a href="dereferer_script.php?site=%original site%"> replace %orginial site% with the original link, e.g. www.big-bad-hacker.com.
<?
header("Location: " . $site );
?>
Easy but useful, if you use session managment like in PHP4 you can forget the dereferer.
Excuse failures in this text, my english is not perfect.
PHPBuilder
Policies
PHP Developer
Topics
PHP Developer
Resources
PHP Developer
References
