[thelist] Worried...please help
Chris W. Parker
cparker at swatgear.com
Tue Jun 17 10:52:25 CDT 2003
Koutoulas, Pete <mailto:PKOUTOUL at Fayette.k12.ky.us> wrote:
> On Tuesday, June 17, 2003 10:17 AM, Steve Cook wrote:
>
> > You could check that the information being submitted to your
> > application only comes from forms located on your server. Depending
> > upon which scripting language you're using on the server there are
> > different ways of doing this, but in ASP for instance you would do
> > something like the following:
> >
> > if Request.ServerVariables("LOCAL_ADDR") <> strYourIPNumber then
> > 'Return with an error end if
>
> I wouldn't depend on that -- too easy to spoof.
I wouldn't depend on your opinion -- didn't provide an alternative.
Chris.
More information about the thelist
mailing list