in reply to Re: Re: CGI IP Based Security
in thread CGI IP Based Security

By printing out the value of $remote_host I've realized that this method will be fine when I initially run the script GETing data from the trusted IP.
However, when the script calls itself (e.g. a "next page" button to browse data) the $remote_host is set to the user, and the user is unable to progress.

Is there any way for the script to detect how it has been called, e.g. if it has passed GET data to itself, or if the GET data came from somewhere else?

Thanks submersible_toaster for all your help so far :)

Neil Archibald - /dev/IT -

Re: Re: Re: Re: CGI IP Based Security
by submersible_toaster (Chaplain) on Jun 24, 2003 at 05:09 UTC

    Maybe I have misunderstood your question. Are you saying that $remote_host is correct upon the first invocation of the script, but on subsequently linked invocations it is set to a username? If it is a qualified hostname instead of an IP address, then I understand, but a username??

    I am not sure I can think of how to mess with that part of the environment with a GET request. Could you post code that demonstrates the problem?


    I can't believe it's not psellchecked
      I found an alternative solution to my problem, thanks a lot for your help however.

      It put me on the right track :)

      Neil Archibald - /dev/IT -
Re: Re: Re: Re: CGI IP Based Security
by CountZero (Bishop) on Jun 24, 2003 at 05:50 UTC

    Try adding a hidden parameter to your script: set it to a pre-determined value when the script invokes itself and check in the beginning of the script if this parameter is set to that value.

    Warning! This is not very secure as anyone able to determine the correct value of that parameter will now have access to your script. As you can only find that value by coming from the trusted IP, the risk is probably rather low, but still ...

    CountZero

    "If you have four groups working on a compiler, you'll get a 4-pass compiler." - Conway's Law
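
The hidden-parameter check CountZero describes, as an added example that is not part of the original thread. It goes one step beyond the fixed value in the reply: the parameter is an expiring, HMAC-signed token, so a value that leaks stops working after a few minutes and cannot be altered. `$SECRET`, `$TRUSTED_IP`, `$LIFETIME` and the sub names are hypothetical, and the IP addresses are constructed.

```perl
# Added example, not code from the thread. $SECRET, $TRUSTED_IP, $LIFETIME and
# the sub names are hypothetical; the addresses below are constructed.
use strict;
use warnings;
use Digest::SHA qw(hmac_sha256_hex);
my $SECRET     = 'replace-with-a-long-random-server-side-secret';  # placeholder
my $TRUSTED_IP = '192.0.2.10';   # constructed (documentation range)
my $LIFETIME   = 900;            # seconds a token stays valid

# Token is "<expiry>:<HMAC-SHA256 of expiry>"; minting one requires $SECRET.
sub issue_token {
    my ($now) = @_;
    my $expiry = $now + $LIFETIME;
    return $expiry . ':' . hmac_sha256_hex($expiry, $SECRET);
}

# Compare without stopping at the first differing character.
sub same_string {
    my ($x, $y) = @_;
    return 0 if length($x) != length($y);
    my $diff = 0;
    $diff |= ord(substr($x, $_, 1)) ^ ord(substr($y, $_, 1)) for 0 .. length($x) - 1;
    return $diff == 0;
}

sub token_ok {
    my ($token, $now) = @_;
    return 0 unless defined $token && $token =~ /\A(\d{1,12}):([0-9a-f]{64})\z/;
    my ($expiry, $mac) = ($1, $2);
    return 0 unless same_string($mac, hmac_sha256_hex($expiry, $SECRET));
    return $expiry >= $now ? 1 : 0;
}

# First call arrives from the trusted IP; later self-calls must carry the token.
sub allowed {
    my ($remote_addr, $token, $now) = @_;
    return 1 if defined $remote_addr && $remote_addr eq $TRUSTED_IP;
    return token_ok($token, $now);
}

my $now   = time;
my $token = issue_token($now);                  # goes into the hidden form field
(my $forged = $token) =~ s/\A\d+/9999999999/;   # expiry edited, MAC unchanged
printf "%-26s %s\n", $_->[0], ($_->[1] ? 'allow' : 'deny') for (
    [ 'trusted IP, no token',   allowed($TRUSTED_IP,    undef,   $now) ],
    [ 'user IP, valid token',   allowed('198.51.100.7', $token,  $now) ],
    [ 'user IP, forged expiry', allowed('198.51.100.7', $forged, $now) ],
    [ 'user IP, expired token', allowed('198.51.100.7', $token,  $now + $LIFETIME + 1) ],
);
```

In a CGI script the first argument to `allowed()` would come from `$ENV{REMOTE_ADDR}` and the token from the hidden form field or the "next page" link's query string.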