[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: lynx-dev Re: clicktv search (was nothing)
|
From: |
David Woolley |
|
Subject: |
Re: lynx-dev Re: clicktv search (was nothing) |
|
Date: |
Tue, 29 Jun 1999 08:15:38 +0100 (BST) |
> > Vary: Accept-language
> > Content-type: magnus-internal/cold-fusion
This is broken. magnus-internal is a content type used to trigger
internal behaviour in Netscape web servers, not to be returned to
the client. This is probably a Netscape bug, rather than a content
provider bug.
> Klaus, do you have any URL handy that discusses the security aspects of
> this that could be passed on to the managers of that web site?
http://www.junkbusters.com/ is probably the best one on this subject,
although Referers is a privacy, rather than a pure security issue.
The most common reason for insisting on Referer now is probably not
click trailing, but to prevent outside sites cashing in on your site
by linking to your forms. It can also be used as a weak backup to
security by obscurity access control schemes.
Note that scripted use of Lynx would almost certainly violate the
reasons for insisting that you access from within the site, as it
is almost certain that human user will never see the adverts, so
I cannot expect any sympathy for requests to relax commercially
imposed insistance on Referer if any automation is involved, or
you are using a bookmark to bypass pages.