> -----Original Message----- > The best information would be if you can capture the exact HTTP > transactions involved. For example, using something like ethereal, capture > the request and response for Mozilla, and then do the same for IE 6.01 > SP1. > > Short of that, you could create a URL specifically made for testing this. > You can create a PHP file called csrf.php and another called csrf.png. > Make .png files be interepreted as PHP (just for the purposes of this > test), and then you can log a lot of useful information in your test > scripts.
Wouldn't it work to just make the script spit out a mime type header and a small (1x1) image when it's done to satisfy the browser's mime type requirements? -Ed -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php