On Tue, May 18, 2004 at 11:41:02PM +0200, Ronny Schedel wrote: > the sv_downloadurl is not protected. If I use > developer 1 on clientside, there is a debug > message with the full download URL. This needs > to be fixed. Also banner.gif is requested from > the webserver, but is never shown clientside.
Next thing will be complaints the download URL is visible in your proxy server log? Or when running a packetsniffer? There will always be a way for the user to find out the URL. Best suggestion I've seen so far is to let the HL client send a referrer header with HLDS ip:port, which the webserver can filter on. Maarten _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds
