On Tue, Mar 11, 2003 at 07:34:40PM -0500, Fred Sahakian wrote: > I may be wrong, but some browser have problems giving referers > properly causing your visitor not to be able use your CGI.
On a related note, referers can be set to anything the user-agent wants. While browser bugs might be an issue, malicious user-agents would probably cause more problems. Checking the referer on a form is no way to make sure it's being submitted from the right place. It can be spoofed too easily. Make sure referer-checking isn't your only line of defense... -- Michael [EMAIL PROTECTED] http://www.jedimike.net/ -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
