Den 2012-04-24 03:46, Dave Warren skrev:
It's only when there's an incorrect referrer that you can assume the request isn't legitimate and you should return something different.
or banks care to send the image over https protocol not just http
Whether you do this immediately or have someone review before making the decision is a business decision,
bah
for banks that can't confine themselves to a single domain then a manual review might be needed, but such is life.
yep it would be more funn to see the first bank that works in links text mode webbrowser, and only display graphics if started with links -g, any other browser is unsecure :=)
