On Tue, Aug 10, 1999 at 11:44:11AM +0100, kevin lyda wrote:
>> can you always trust the referrer? just curious from an ignorant point
> of view.
Any part of the request can be forged or munged, so no, you can't.
This means that "block all accesses except with a referrer from my
site" is bad practice. However, since the objective is just to stop
ordinary browsers coming from a remote site, "block only accesses with
a referrer from this particular site" will probably suffice, since
the large majority of HTTP requests have referrer info intact.
Dave
--
----------------------------------- dave.wilson at heanet.ie Dave Wilson, HEA-NOC
HEAnet Limited, Marine House, Clanwilliam Court, Dublin 2 Tel: +353-1-662-3412
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
