Dear Tedd, Dear List, tedd wrote:
As for being "hung-up" -- again, I'm clueless. I mistakenly thought that anything obtained from the browser was subject to suspicion as is any outside data. But apparently you can "trust" (I realize within certain limits) some things provided by the browser -- that's news to me.
You are right. Being suspicious with data coming from the browser is a pretty good reflex. But, as long as you use the accept-language header only for detecting the user's native language, you do not risk a lot. In the worst case, your will set your site's language to something that is not the user's native language. In that case, you only need to allow him to change this setting manually.
You can base yourself on information provided by the browser, but as you say, I believe that we should not rely completely on it. This is why allowing the user to change his language, in your case, becomes important.
It's always a balance between risk and usability. Hope this helps, Jean-Michel -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php