On 11/15/06, gdwfkd@xxxxxxxxx <gdwfkd@xxxxxxxxx> wrote:
Is it possible to display a different URL than the actual site that the browser is contacting in the address portion of a browser? I had thought the only options for the URL were either the actual site, or the proxy server site in the instance where you are using a proxy. I'm asking this as a security question. If a user gets an email and clicks on a link (the HREF can say anything it wants), is it possible to have the browser show http://www.citibank.com in the address bar when it's really connected to some Chinese malware site? I know that there are exploits out there for IE, but lets assume I've got fully patched IE or Firefox and that we don't have some bizarre DNS tainting or the like going on.
I'm not sure why this question is here; it has nothing directly to do with Apache. The answer is, excluding browser bugs, it is impossible for someone who does not control a site to make that site appear in the location bar. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx