On 2/15/07, R P Herrold <herrold@xxxxxxxxxxxx> wrote:
On Thu, 15 Feb 2007, Dennis Gilmore wrote: > Did you look at the code like i asked last time ? IP's are > not collected. the data is transmitted by post so there is > is no way to tie a UUID to an ip ummm ... don't be silly -- it is trivial to associate an originating IP to a POST This test widget at http://www.herrold.com/post/ has this HTML code to the client: <form method="post"> Digits only please: <input type="text" name="acme"><br> <input type="submit" name="show" value="show"> </form> and reveals the REMOTE_ADDR quite readily. The source PHP may be viewed at: http://www.herrold.com/post/index.phps -- Russ Herrold
I have to agree with this. Not that I think that this is specifically a problem. But it was false to imply that an HTTP Post is immune to IP harvesting. -- Fedora Core 6 and proud -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
