Taneli Huuskonen wrote:
>
> Now, if trusted.com's
> webserver refused to serve anything else but the index page unless the
> Referer: field contained a trusted.com URL, this attack would be foiled.
>
> Now, is there a way to trick a browser into lying about the referrer?
>
According to
http://www.securiteam.com/securitynews/DHTML_makes_HTTP_REFERER_an_unreliable_sanity_check.html
it is possible for DHTML to lie about the referer.
(I believe this was originally a post here on Bugtraq, but I might
be wrong; could be some other mailing list I'm on too..)
/Mike
--
Mikael Olsson, EnterNet Sweden AB, Box 393, S-891 28 �RNSK�LDSVIK
Phone: +46 (0)660 105 50 Fax: +46 (0)660 122 50
Mobile: +46 (0)70 248 00 33
WWW: http://www.enternet.se E-mail: [EMAIL PROTECTED]
