[thelist] Referer Headers
John Griffith
john-thelist at host-it.co.uk
Fri Jul 16 06:53:01 CDT 2004
I meant the ip of the internal web server, nothing more
-----Original Message-----
From: thelist-bounces at lists.evolt.org
[mailto:thelist-bounces at lists.evolt.org]On Behalf Of Ken Schaefer
Sent: 16 July 2004 11:37
To: thelist at lists.evolt.org
Subject: Re: [thelist] Referer Headers
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From: "John Griffith" <john-thelist at host-it.co.uk>
Subject: [thelist] Referer Headers
: I have a few intranet pages here which link to
: some competitors websites, and I don't really
: want them to be able to see the referer
: headers in their log files, as they give away all
: sorts in internal information which for security
: reasons I don't want other people
: to see (the scripting language used, internal
: IP addresses, etc). Is there any way to ask a
: browser not to supply a referer header?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I'm not sure how you'd give out an IP address, unless you're using a
publicly resolvable DNS name.
As for the scripting language, you could obfuscate it. Map an arbitrary
extension to your processing engine. Then route all external links through a
"hand off" page, eg:
<a href="leave.blah?linkID=1">external site 1</a>
Cheers
Ken
--
* * Please support the community that supports you. * *
http://evolt.org/help_support_evolt/
For unsubscribe and other options, including the Tip Harvester
and archives of thelist go to: http://lists.evolt.org
Workers of the Web, evolt !
More information about the thelist
mailing list