dijxtra wrote:
> Is it safe to use HttpResponseRedirect(request.META["HTTP_REFERER"])?
> Can a session be stolen using this coed by spoofing HTTP_REFERER?
Two things stand out to me:
1) HTTP_REFERER is not a required header, so if the browser
doesn't send it, your code won
Is it safe to use HttpResponseRedirect(request.META["HTTP_REFERER"])?
Can a session be stolen using this coed by spoofing HTTP_REFERER?
Thanks in advance,
nick
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Group
2 matches
Mail list logo