OK Thanks for the reply. On Feb 24, 10:34 am, Andrew Leach <[email protected]> wrote: > On Feb 24, 8:46 am, samhail <[email protected]> wrote: > > > > > What i would like is if someone visited the PHP file (that outputs the > > XML data) directly that they will not be able to see the XML returned. > > > I found the code below, which looks perfect, in the PHP file - but it > > doesnt work. $_SERVER['REMOTE_ADDR'] always returns my IP address > > rather than the IP of the server. > > That's because the request is coming from the client, not the server. > > You probably need to examine the Referer header, > $_SERVER['HTTP_REFERER']. That will go some way to ensuring that the > request is generated by your web page. *But* be aware that headers are > reasonably easily spoofed, and anyone with a debugger like Firebug > will be able to see and copy your XML file from within the browser > very easily. Cookies are a (slightly) more secure way of ensuring the > origin of a request, but do nothing to protect your data from debug > tools. Once you publish your data, it's outside your control. > > Security of data is outside the scope of a Group dedicated to using > the Maps API.http://www.google.com/search?q=%22securing+data+on+the+web%22
-- You received this message because you are subscribed to the Google Groups "Google Maps API" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-maps-api?hl=en.
