[nycphp-talk] javascript calling php function
csnyder
chsnyder at gmail.com
Fri Feb 22 10:15:32 EST 2008
> On Fri, Feb 22, 2008 at 9:34 AM, Guilherme Blanco
> <guilhermeblanco at gmail.com> wrote:
> but suggest a user to check for referer is never a good thing.
And since you said never, there are plenty of cases where a referer
check can be used to stop abuse.
Consider misappropriation of images as an example: if an img tag on
someone else's popular site points to an image on yours, and they are
leaching your bandwidth, you can stop it by requiring a valid referer
for that image. This is because the vast majority of hits for that
image are coming from web browsers, not curl scripts.
Anytime you are trying to control browser behavior, as opposed to
scripted behaviours, you can "trust" the referer.
More information about the talk
mailing list