Den.Molib wrote on 6/1/2009 4:55 PM: > follow the last one, as it's the one provided nearer the content.
And by the same logic, the header closest to the content could be the one that was injected by an attacker (via application hole) -- so might choosing the first header be more prudent? - Bil
