HTTP_REFERER is set by browser. I treat HTTP_REFERER header as user input, so I
don't trust it. Using HTTP_REFERER can open security hole in your web site.
I suggest to change your authentication code, so that you don't rely on
HTTP_REFERER.
Regards,
--
Yasuo Ohgaki
""Scott Fletcher"" <[EMAIL P
I had now found the problem. The website that have been in use for a
while work pretty well with IE and Netscape Navigator. Until NS6 came,
that's when the website start having some problem.
The website use the login page and any web pages after logging are
controlled by the security check.
2 matches
Mail list logo
