Beefy Boxes and Bandwidth Generously Provided by pair Networks
Think about Loose Coupling

Re: $ENV{HTTP_REFERER} Problem on a Windows Client

by fruiture (Curate)
on May 24, 2004 at 12:03 UTC ( #355872=note: print w/replies, xml ) Need Help??

in reply to $ENV{HTTP_REFERER} Problem on a Windows Client

The "Referer" is something you can NEVER rely on. It's completely up to the user-agent whether it is sent at all and what's in it. Even if the referer was your script1.cgi would not mean that the user has ever triggered that URL, it might be, the user might also trick you. IE seems to treat Javascript-redirects as something without referer, that's up to him and OK, just as it is OK when Mozilla thinks otherwise.

If you want to make sure your second script is run, you must not rely on the client: Javascript is not supported by all browsers and not actived by all users, HTML-redirects (http-equiv="refresh") may be ignored, as well as a Staus 301/302/303 HTTP-Redirect. You must solve the problem within the server. Maybe by using exec, or do, or require, or by turning script2.cgi into a Perl Module and use that module from script1.cgi ...

  • Comment on Re: $ENV{HTTP_REFERER} Problem on a Windows Client

Replies are listed 'Best First'.
Re: Re: $ENV{HTTP_REFERER} Problem on a Windows Client
by soon_j (Scribe) on May 24, 2004 at 12:11 UTC

    I am using it as a "crude" way to sort of detect if a session id is called directly or from a script. I am trying to avoid session replaying or hijacking by trying to determine if the session id is validly passed from the script or not.

    Though my session id's expire after "n" minutes, if the session is replayed within the "n" period, this is still possible, but this is not what I wanted. Do you have some sort of "sanity check" suggestions?

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://355872]
[stevieb]: can anyone recommend a good IDE for C programming that has *proper* vim plugin support? I've tried Eclipse, Netbeans etc and just can't get anything to work properly on Linux. I'm open to paying, but not on some monthly/yearly plan (just a one-off cost)
[stevieb]: I'd go with CLion as it's very similar to what I use already (intelliJ for Perl, Pycharm for Python), but it's a recurring fee every year

How do I use this? | Other CB clients
Other Users?
Others taking refuge in the Monastery: (5)
As of 2017-01-18 19:07 GMT
Find Nodes?
    Voting Booth?
    Do you watch meteor showers?

    Results (163 votes). Check out past polls.