Richard Lynch schrieb:
If a web service really doesn't care whether it is responding to GET
or POST or even forged COOKIES to product its output, why would it not
just use REQUEST?
It's not as if it's any harder to forge GET vs. POST vs. COOKIE data,
really.
You can easily have sombeody inadvertedly send a malicious GET request
just by embedding an image link into a page.
Regards,
Stefan
--
>e-novative> - We make IT work for you.
e-novative GmbH - HR: Amtsgericht München HRB 139407
Sitz: Wolfratshausen - GF: Dipl. Inform. Stefan Priebsch
http://www.e-novative.de - GnuPG Key: 0x7DB67F7F
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
