> I know what you are saying about CGI variables, lots of talk > about users being able to modify them, whether its true I > don't know. I reckon there are some that can be modified like > user agent etc. but about the rest I don't know, I would > think cgi.https would be passed by the server and not the > browser but I could be totally wrong.
I'd say that you are totally right on that point. there are some variables that can be fudged by the user, such as REFERRER for example, but the ones that relate to server status, like server_name, script_name, etc are defined bythe web server implementation rather than defined by the browser (ie user) and packaged in the request. another reason that you might not want to rely on cgi variables is for portability - not all server implementations will supply the same variables, and not all will supply the same data. for example, iis may set cgi.https, but another server (eg apache) might not, or might set the variable to "true" instead of "yes" and so on. cheers! Mike. +----------------------------------------------------+ | VeriPay mPOS - Anywhere, Anytime | | Puts money in your bank while you're on the road | | Secure Credit Card Transactions via SMS messaging | | From Xilo Online www.xilo.com/mpos | +----------------------------------------------------+
<<attachment: winmail.dat>>
--- You are currently subscribed to cfaussie as: [EMAIL PROTECTED] To unsubscribe send a blank email to [EMAIL PROTECTED]
MXDU2004 + Macromedia DevCon AsiaPac + Sydney, Australia http://www.mxdu.com/ + 24-25 February, 2004
