On Aug 8, 2006, at 8:25 AM, Frash wrote:
In that case it'd be a wise idea to only allow requests with the server IP referrer AND no referrer at all. (Since it's impossible for "evil" admins to strip the referrer, only people with a stripped referrer would be able to download stuff, the other 90% would be unable to.)
Stripping the referrer is as easy as copying the link and pasting into your address bar, and hitting enter. There's really no reasonable way to do this in a fashion that will work in every case. A referrer check will solve most of the problems, but if someone wants the files on a public webserver and they know the url, they're going to get them. -- Erik Hollensbe [EMAIL PROTECTED] _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
