Re: Can I prevent Server variables from being spoofed ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Think about it. The server can only tell what the user agent is by what the user reports. For all you know it could just be a perl script or just a terminal session reporting as being Quicktime.
So yes, a script kiddie could spoof the user agent. Heck, some browsers even allow you to specify the user agent you want to report.


On May 20, 2005, at 2:46 PM, Graham Anderson wrote:

Can the server variable 'user agent'  be modified/spoofed  by the user?

I have a bunch movies that I want to only open if the user agent contains Quicktime Player...
In my case, if the user agent string contains Quicktime Player, a movie url is written for Quicktime to open....
If the user agent contains a browser, I want php to deny access....not write the url for Quicktime to read

is is possible for a script kiddie to spoof user agent server variables to fool the server ?


many thanks :)

g

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


--
Brent Baisley
Systems Architect
Landover Associates, Inc.
Search & Advisory Services for Advanced Technology Environments
p: 212.759.6400/800.759.0577

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux