> A firewall would have to _strip_ the referer header from > the HTTP request... a lot of work, and I can't imagine what > additional security would be gained from doing this.
Imagine that you've got a relatively unsavory site with a bunch of links to less unsavory sites. You might not want to have the "good" site log the fact that you came from the "bad" site. A minor issue, but there are those concerned enough about their privacy to care about this. In any case, it's not a lot of work for a firewall to strip that one header. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ voice: (202) 797-5496 fax: (202) 797-5444 ______________________________________________________________________ Get the mailserver that powers this list at http://www.coolfusion.com FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
