laziness, impatience, and hubris | |
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
I get nervous when I see HTTP_REFER and (unqualified) security mentioned together. Leaving aside the fact that the Referer header is trivially spoofed in a client, many "personal firewalls", proxies and other internet security software will remove or otherwise anonymise the the Referer header: the HTTP Specification makes the suggestion that it might be removed. Beyond that it's not exactly clear how this might be used. /J\ In reply to Re: SF_form_secure
by gellyfish
|
|