Jean-Michel Philippon-Nadeau wrote: > Dear Tedd, Dear List, > > tedd wrote: >> As for being "hung-up" -- again, I'm clueless. I mistakenly thought >> that anything obtained from the browser was subject to suspicion as is >> any outside data. But apparently you can "trust" (I realize within >> certain limits) some things provided by the browser -- that's news to me. > > You are right. Being suspicious with data coming from the browser is a > pretty good reflex. But, as long as you use the accept-language header > only for detecting the user's native language, you do not risk a lot. In > the worst case, your will set your site's language to something that is > not the user's native language. In that case, you only need to allow him > to change this setting manually. > > You can base yourself on information provided by the browser, but as you > say, I believe that we should not rely completely on it. This is why > allowing the user to change his language, in your case, becomes important. yes! that's what I was trying to say :-) > > It's always a balance between risk and usability. > > Hope this helps, > > > Jean-Michel > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
