Re: Re: disable referer ? (was: Framed & Linked Content)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2008-01-31 at 15:10 -0500, Robert Cummings wrote:
> On Thu, 2008-01-31 at 20:49 +0100, Per Jessen wrote:
> > Robert Cummings wrote:
> > 
> > > Information leakage is a security issue. IMHO referer logging should
> > > need to be turned on, not off.
> > 
> > Rob, I appreciate your opinion, but like I said - when Firefox (or MSIE)
> > switches off REFERER by default, we can talk again.
> 
> Lol, this is an open discussion. I post for all to read, not just you.

FWIW BTW, they will probably never switch it off for the same reason
Windows isn't locked down properly by default. Too many dumb users would
cry WTF and wouldn't understand the answer. As such the simplest
solution is to leave users exposed rather than educating them.

Cheers,
Rob.
-- 
.------------------------------------------------------------.
| InterJinn Application Framework - http://www.interjinn.com |
:------------------------------------------------------------:
| An application and templating framework for PHP. Boasting  |
| a powerful, scalable system for accessing system services  |
| such as forms, properties, sessions, and caches. InterJinn |
| also provides an extremely flexible architecture for       |
| creating re-usable components quickly and easily.          |
`------------------------------------------------------------'

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux