Greenguy's Board - View Single Post

bret · 2004-07-27, 12:59 AM

HTTP_REFERER is generated by the client in the HTTP Header. It can easily be spoofed. However, this is usually done client side, and only a rougue browser would be spoofing HTTP headers.

Although I would not put it past someone to find a way around the client side limitations.

If this were the case .htaccess would be rendered useless.

2004-07-27, 12:59 AM	#14
bret Shut up brain, or I'll stab you with a Q-tip! Join Date: Aug 2003 Posts: 110	HTTP_REFERER is generated by the client in the HTTP Header. It can easily be spoofed. However, this is usually done client side, and only a rougue browser would be spoofing HTTP headers. Although I would not put it past someone to find a way around the client side limitations. If this were the case .htaccess would be rendered useless.