You alter/assign referrer, either in perl scripting or browser plugin.
Yes, but that does not matter. The idea is that $ENV{'HTTP_REFERER'} is set to some nonsense only if running as CGI. Unfortunately, this is not entirely true. Clients can choose not to send a Referer header, so you might run a CGI with $ENV{'HTTP_REFERER'} not set. Using $ENV{'GATEWAY_INTERFACE'} should be reliable. It is set by the webserver, it is always set, and it is set to a constant value independent from the HTTP request.
Alexander
--
Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)
| [reply] [d/l] [select] |
| [reply] |
How about this scenario. The script takes plain text from forms input as a parameter and encrypts it using GnuPg then emails the result to us. So yes it would be nice if it were not public accessible from a browser.
| [reply] |