On Thu, 2008-01-31 at 15:10 -0500, Robert Cummings wrote: > On Thu, 2008-01-31 at 20:49 +0100, Per Jessen wrote: > > Robert Cummings wrote: > > > > > Information leakage is a security issue. IMHO referer logging should > > > need to be turned on, not off. > > > > Rob, I appreciate your opinion, but like I said - when Firefox (or MSIE) > > switches off REFERER by default, we can talk again. > > Lol, this is an open discussion. I post for all to read, not just you. FWIW BTW, they will probably never switch it off for the same reason Windows isn't locked down properly by default. Too many dumb users would cry WTF and wouldn't understand the answer. As such the simplest solution is to leave users exposed rather than educating them. Cheers, Rob. -- .------------------------------------------------------------. | InterJinn Application Framework - http://www.interjinn.com | :------------------------------------------------------------: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `------------------------------------------------------------' -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php