> On Fri, Feb 22, 2008 at 9:34 AM, Guilherme Blanco > <[EMAIL PROTECTED]> wrote: > but suggest a user to check for referer is never a good thing.
And since you said never, there are plenty of cases where a referer check can be used to stop abuse. Consider misappropriation of images as an example: if an img tag on someone else's popular site points to an image on yours, and they are leaching your bandwidth, you can stop it by requiring a valid referer for that image. This is because the vast majority of hits for that image are coming from web browsers, not curl scripts. Anytime you are trying to control browser behavior, as opposed to scripted behaviours, you can "trust" the referer. _______________________________________________ New York PHP Community Talk Mailing List http://lists.nyphp.org/mailman/listinfo/talk NYPHPCon 2006 Presentations Online http://www.nyphpcon.com Show Your Participation in New York PHP http://www.nyphp.org/show_participation.php
