Re: How secure is this?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Björn, and David said:

Yo, tedd...

[David Tulloh]
 >Your example fails for me, Firefox and Mozilla. The rpc.php file
 >doesn't seem to return anything.
[/David Tulloh]

...it does the same for me... ok, on that way a bot will never get your
mail-adr... ;)

LOL

Björn & David:

The current site renders in Safari, but I failed to check it in BrowserCam for other browsers.

The rcp code checks to see where the request is coming from before doing anything. I'm trying to protect from a directory traversal attack by using:

	if(isset($_SERVER['HTTP_REFERER']))

but apparently, browsers treat that differently -- I didn't know that.

I feel like I'm beating a dead horse that wouldn't pull a wagon anyway, but at least it has been a learning experience for me.

Thanks for your review and effort.

tedd
--
--------------------------------------------------------------------------------
http://sperling.com

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php



[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux