[thelist] http_referer [perl]

Jeff jeff at lists.evolt.org
Wed Sep 6 12:44:11 CDT 2000


: From: Algian <algian at algian.com>
: I have a perl script that compares the http_referer
: with a series of valid urls and if it doesn't match
: any it kicks the user out like so
: [snip]
: I tried printing the http_referer in IE so that i could
: see what was wrong and to my surprise the
: HTTP_REFERER was EMPTY!!!!! :o

welcome to the wonders of http variables.  the problem with relying on them
for information is that they're sent from the browser.  in other words, if i
was crafty enough, i could send any value for the http variables i wanted
to.  also, most browsers send the correct http_useragent, http_referer, etc,
but they're not required to.  some browsers are even set up to allow you to
monkey with the useragent string.

to get your setup to work, i'd suggest that you check the length of the
http_referer before you do the compare.

good luck,


mailto:jeff at members.evolt.org

More information about the thelist mailing list