No such thing as a small change | |
PerlMonks |
Re: SF_form_secureby gellyfish (Monsignor) |
on Oct 24, 2006 at 11:31 UTC ( [id://580241]=note: print w/replies, xml ) | Need Help?? |
I get nervous when I see HTTP_REFER and (unqualified) security mentioned together. Leaving aside the fact that the Referer header is trivially spoofed in a client, many "personal firewalls", proxies and other internet security software will remove or otherwise anonymise the the Referer header: the HTTP Specification makes the suggestion that it might be removed. Beyond that it's not exactly clear how this might be used. /J\
In Section
Code Catacombs
|
|