On Wed, Aug 24, 2005 at 02:12:56PM -0700, Denzil Kruse wrote:
> I want to know the web site that someone came from,
> and so I was planning on reading $ENV{'HTTP_REFERER'}
> to figure it out. How reliable is that?
Reliable enough for general interest and for finding some
Denzil Kruse wrote:
> Hi,
>
> I want to know the web site that someone came from,
> and so I was planning on reading $ENV{'HTTP_REFERER'}
> to figure it out. How reliable is that? Do browsers
> or other situations block it or obfuscate it? Is
> there another w
Hi,
I want to know the web site that someone came from,
and so I was planning on reading $ENV{'HTTP_REFERER'}
to figure it out. How reliable is that? Do browsers
or other situations block it or obfuscate it? Is
there another way to do it or any other issues
involved? I'm usin
Hi,
Ok for example in my site, i send "internal mail" member 'email' other
users, and it is kept in a database.
But what about a user.
copy the form, and a while loop keeping to send e-mail to overload the
database,(put too much information),
this is why yahoo, or hotmail when you join they put a
what do you mean by overload?
you should never trust data coming in from a webform. for example, if you
are collecting a phone number and the data is in $phoneNumber..
do something like,
$phoneNumber =~ s/.*(\d{3}-\d{3}-\d{4}).*/
or
&handleError() if ( $phoneNumber !~ /^(\d{3}-\d{3}-\d{4})$/ );
Hi.
I have an idea, if someone creates an external program to overload my
database, How do i prevent that, if all the fields are correct?
Anthony
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
I have found CGI::FormBuilder a great way to do the validation for you.
First it ignores anything you didn't specifically ask for. Second, you can
easily validate using regexes. An additional benefit is that this module
provides client side (for legitimate users of your form), and server side
check
> should I use $ENV{HTTP_REFERER} to check wether a form was sent from my
> site.
> Because I don't want people to download my webpage, put a link to a form,
> and modify some of the forms so it can crash the script.(eventough i tried
> to protect from that).
Enough error han
On 6/26/03 at 10:48 AM, [EMAIL PROTECTED] (anthony) wrote:
> Hi,
>
> should I use $ENV{HTTP_REFERER} to check wether a form was sent from
> my site. Because I don't want people to download my webpage, put a
> link to a form, and modify some of the forms so it can crash the
&
Hi,
should I use $ENV{HTTP_REFERER} to check wether a form was sent from my
site.
Because I don't want people to download my webpage, put a link to a form,
and modify some of the forms so it can crash the script.(eventough i tried
to protect from that).
The best way i can think of for the m
> Sent: Wednesday, July 24, 2002 9:49 AM
> > To: [EMAIL PROTECTED]
> > Subject: Re: HTTP_REFERER
> >
> >
> > Thanks. I was setting up some Paypal stuff and want to make
> > sure that the user is
> > actually coming from Paypal (https://www.paypal.com...
Well, there you have it Shao-Ju. Hey, I learned something new today. Cool.
- Original Message -
From: "Bob Showalter" <[EMAIL PROTECTED]>
To: "'Shao-Ju Chao'" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Wednesday, July 24, 2002 7:5
> -Original Message-
> From: Shao-Ju Chao [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, July 24, 2002 9:49 AM
> To: [EMAIL PROTECTED]
> Subject: Re: HTTP_REFERER
>
>
> Thanks. I was setting up some Paypal stuff and want to make
> sure that the user is
&g
> -Original Message-
> From: Shao-Ju Chao [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, July 24, 2002 9:38 AM
> To: [EMAIL PROTECTED]
> Subject: HTTP_REFERER
>
>
> I was trying to get referer information from
> $ENV{'HTTP_REFERER'} but always got
Thanks. I was setting up some Paypal stuff and want to make sure that the user is
actually coming from Paypal (https://www.paypal.com.) and then come to my web page
to
ativate their account. The "return" link is on Paypal and when they click the link and
return, I checked the HT
referer is only set if you are linked from another site, are you sure
its being set? And yes its supported by apache (any os).
On Wed, 2002-07-24 at 09:37, Shao-Ju Chao wrote:
> I was trying to get referer information from $ENV{'HTTP_REFERER'} but always got
>empty
>
,
David
- Original Message -
From: "Shao-Ju Chao" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, July 24, 2002 7:37 AM
Subject: HTTP_REFERER
I was trying to get referer information from $ENV{'HTTP_REFERER'} but always got empty
string. Is this
I was trying to get referer information from $ENV{'HTTP_REFERER'} but always got empty
string. Is this env variable supported by apache server (on linux)? Thanks.
=
Shao-Ju Chao (Bruce)
Do you Survey!?
Go to http://www.surveyanywhere.com and create your
ue ( $q->param( $name )) {
print FD " $value\n";
}
}
}
if ( not $page eq "" ) {
my $hit = Hit->new();
$hit->page( $page );
$hit->referrer( $refr );
$hit->browser( $ENV{ "HTTP_USER_AGENT" } );
$hit->Print( \*FD
very strange. my copy of netscape 4.77 (as well as my copy of IE 5)
correctly give the url of the referring page in HTTP_REFERER.
by the way, this variable is not suitable for authentication, as it
can easily be spoofed. just a warning, ymmv.
* Dianne Van Dulken <[EMAIL PROTECTED]> [2
ontent-type: text/html\n\n";
>
> ##
> ##declared variables
> ##
> my $homepage;
> my $ENV;
> my $HTTP_REFERER;
Nope. %ENV, a hash, is already available to you. You don't need to
declare these at all.
> ## print to webpage
> ##
> ##print
anycare to help get this working.
it is being called from a homepage as the page loads (like a counter would be used)
#!/usr/bin/perl -w
use strict;
use diagnostics;
print "Content-type: text/html\n\n";
##
##declared variables
##
my $homepage;
my $ENV;
my $HT
This works
print qq{$_ => $ENV{$_}\n} for keys %ENV;
what are ths individual calls?
print qq"$ENV{'HTTP_REFERER'}\n";
(below are the other calls.yes???)
QUERY_STRING =>
SERVER_ADDR => 000.00.00.000
HTTP_ACCEPT_LANGUAGE => en-us
SERVER_PROTOCOL =&g
>>>>> "Mo" == Mo Holkar / UKG <[EMAIL PROTECTED]> writes:
Mo> I've seen a few references to this spoofing of HTTP_REFERER -- how is
Mo> it accomplished?
Mo> (Asking not so that I can do it myself ;-) but to ascertain whether
Mo> the circumstance
formation it provides can easily be manipulated and forged
>to make it look like the request is coming from a different computer. You
>shouldn't use http referral alone for security, for instance.
Hi all,
I've seen a few references to this spoofing of HTTP_REFERER -- how is it
accomp
> "Joe" == Joe Schulman <[EMAIL PROTECTED]> writes:
>> print A "$ENV{'HTTP_REFERRER'}\n";
Joe> I'm no where near being an expert at perl (and know even less about the rules for
file I/O), but I'm pretty sure two things could be
Joe> wrong here:
Joe> 1) The "$ENV{'HTTP_REFERRER')\n"; part fo
Dianne Van Dulken wrote:
: I was hoping someone would be able to give me a clue how I could find the
: referer IP. If I use the Environment HTTP_REFERER, it will work in IE, but
: not in Netscape.
:
: Does anyone know of another method that allows me to read this?
Should work with Netscape
t i have read.
Two thoughts:
* The env variable is actually spelled HTTP_REFERER (which is wrong,
but that's how it's spelled)
* The browser may not be passing a referer. Sometimes they don't; some
agents, like a lot of robots, never do.
-- tdk
At 22:35 06.06.2001 -0500, you wrote:
> > I too have a question about this.
> > below is the code:
> >
> > open(A,">>/home/thx-1138/cgi-bin/data/refs.htm");
> > print A "$ENV{'HTTP_REFERRER'}\n";
> > close (A);
> >
> > The file opens, prints a return/linefeed and closes...
> >
> > any ideas why th
gets another.
When I use remote_host, it gives me MY personal IP address.
HTTP_REFERER gives the webpage server IP address.
Does this make sense?
The version of Netscape we are using that is giving us no result is 4.7
Thanks
Dianne
>
> I too have a question about this.
> below is the code:
>
> open(A,">>/home/thx-1138/cgi-bin/data/refs.htm");
> print A "$ENV{'HTTP_REFERRER'}\n";
> close (A);
>
> The file opens, prints a return/linefeed and closes...
>
> any ideas why this wont work???
> it looks correct to me from what i have
> I was hoping someone would be able to give me a clue how I could find the
> referer IP. If I use the Environment HTTP_REFERER, it will work in IE, but
> not in Netscape.
For some people this isn't an option (CGI.pm isn't available), but it is one that
works on all browsers
ct to me from what i have read.
Lou
- Original Message -
From: Dianne Van Dulken
To: '[EMAIL PROTECTED]'
Sent: Wednesday, June 06, 2001 9:57 PM
Subject: $ENV(HTTP_REFERER)?
Hi,
I had already posted this to beginners@perl <mailto:beginners@perl> , but
Hi,
I had already posted this to beginners@perl <mailto:beginners@perl> , but
someone there suggested I try here as well.
I was hoping someone would be able to give me a clue how I could find the
referer IP. If I use the Environment HTTP_REFERER, it will work in IE, but
not in Netscape.
34 matches
Mail list logo
