Not only can the user agent string be easly spoofed, but as a result of its abuse by certain webmasters(mostly Banks) Browsers such as Opera, and I believe Konqueror, have a setting that allows you to change the user agent string as a configuration option. The UserAgent is a hint. It is most definatly not a gurantee. On 5/20/05, Graham Anderson <grahama@xxxxxxxx> wrote: > Can the server variable 'user agent' be modified/spoofed by the user? > > I have a bunch movies that I want to only open if the user agent > contains Quicktime Player... > In my case, if the user agent string contains Quicktime Player, a movie > url is written for Quicktime to open.... > If the user agent contains a browser, I want php to deny access....not > write the url for Quicktime to read > > is is possible for a script kiddie to spoof user agent server variables > to fool the server ? > > > many thanks :) > > g > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php