[Xerte-dev] Re: $_SERVER['HTTP_REFERER'] issue
Pat Lockley
patrick.lockley at googlemail.com
Thu Jan 26 13:49:03 GMT 2012
it was always more of a - this is the best we can do botch job than
anything meant to be brilliant.
The alternative is some sort of LMI adapter - or some GET PGP string?
On Thu, Jan 26, 2012 at 1:46 PM, David Goodwin <david at palepurple.co.uk> wrote:
> The HTTP_REFERRER variable is supplied by the user's browser when a request is made - so you can't really trust it.
>
> And I suspect various anti-virus products may well block / remove it when requests are made in the name of privacy.
>
> David.
>
>
> On 26 Jan 2012, at 12:59, Julian Tenney wrote:
>
>> Anyone got any bright ideas: when you set access to other, you can specify a domain to restrict access only to links being followed from that domain: so you can have some sort of gatekeeping in any system the user has to log in to, and then only allow access to links from that system.
>>
>> This is the code, it uses $_SERVER['HTTP_REFERER'].
>>
>> It doesn’t work in IE. Cosmic.
>>
>> Any alternative approaches without having to modify the linking system?
>>
>> This is the code:
>>
>
> <snip>
>
> Pale Purple Ltd. (Company No: 5580814)
> 'Business Web Application Development and Training in PHP'
>
> http://www.palepurple.co.uk
> Office: 0845 0046746 Mobile: 07792380669
>
> Follow us on Twitter: @PalePurpleLtd
>
>
> _______________________________________________
> Xerte-dev mailing list
> Xerte-dev at lists.nottingham.ac.uk
> http://lists.nottingham.ac.uk/mailman/listinfo/xerte-dev
> This message and any attachment are intended solely for the addressee and may contain confidential information. If you have received this message in error, please send it back to me, and immediately delete it. Please do not use, copy or disclose the information contained in this message or in any attachment. Any views or opinions expressed by the author of this email do not necessarily reflect the views of the University of Nottingham.
>
> This message has been checked for viruses but the contents of an attachment
> may still contain software viruses which could damage your computer system:
> you are advised to perform your own checks. Email communications with the
> University of Nottingham may be monitored as permitted by UK legislation.
More information about the Xerte-dev
mailing list