On Tuesday 21 June 2005 23:05, bruce wrote: > if i'm the server app, and you tell me that you're IE, v.6, i'd like > the ability to somehow be able to gather information from you, such > that i can then check with msoft to see if your answers match what > msoft claims the answers should be. if you give wrong answers, i can > then make a determination as to whether i want to talk with you, or > perhaps limit the amount/type of information i allow you to access... Aside from the fact there doesn't seem to be anything in the HTTP spec which would allow this kind of querying, what's to stop someone from writing a client that will spit the same response as IE? > this kind of approach goes beyond the 'user/access string' and can > actually get to be rather difficult to spoof, or to break... As there are no existing mechanisms of this kind you would have to create a whole new standard. Then persuade the browser makers to adopt it. Otherwise your server will have no clients to talk to. Still, you haven't really explained why you need to only talk to "real" browsers (real in the sense that they're not "hacked up" as you put it). What's to stop a bad guy using a "real" browser talking to your server and getting some information and doing something bad with that information? What are you trying to prevent? -- Jason Wong -> Gremlins Associates -> www.gremlins.biz Open Source Software Systems Integrators * Web Design & Hosting * Internet & Intranet Applications Development * ------------------------------------------ Search the list archives before you post http://marc.theaimsgroup.com/?l=php-general ------------------------------------------ New Year Resolution: Ignore top posted posts -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php