[Javascript] HTTP Header Spoof
Flavio Gomes
flavio at economisa.com.br
Tue Jun 29 09:16:36 CDT 2004
Hello Everyone,
I'm having a little problem here,
I got a server with PHP enabled that I pay for stream and disk space,
and another freeserver that hosts my big images and files.
But when I do something like
<img src="http://freeserver/myimage.jpg">
from PHP server, I got a forbidden message, because it doesnt let me use
their band...
Well, using PHP I could manage to bring the files through header
spoofing and setting the "Referer" to a "http://freeserver" page, but
still I use my PHP paid stream to download the files, because the URL'll
seems like:
<img src="http://phpserver/download.php?file=http|freeserver/myimage.jpg">
And *here* is where /Jscript/ gets in:
In order to save the stream use, I tought that something like XMLhttp
object would help me... so the user would download directly from
"http://freeserver"
But, XMLhttp doesnt let me access another host u.u ("You cannot
open a connection to a different host" =>
http://www.mozilla.org/xmlextras/ )
Aaaaand here comes the question:
I'd like to know if anybody knows a way to /hack/ XMLhttp to allow
access to diferent hosts or any other idea so I'd be able to use my nice
freeserver images on my phpserver? ^^
Thanks in advance,
---
Flavio Gomes
flavio at economisa.com.br
More information about the Javascript
mailing list
