budino.mollo
12-15-2005, 12:56 PM
I use to check $ENV{'HTTP_REFERER'} in my cgi to be sure that the submit comes from the <FORM METHOD=post> really put on my domain...
Infact
if I submit a form from my domain the $ENV{'HTTP_REFERER'} = www.domain.com
If I write a form and use it from my PC $ENV{'HTTP_REFERER'} is null
The problem is that using post/get in flash the $ENV{'HTTP_REFERER'} is always = www.domain.com
In oder word, how I can be sure that the request come from the swf put on my domain and not from a modified swf in your PC?
Thanks for help!
Infact
if I submit a form from my domain the $ENV{'HTTP_REFERER'} = www.domain.com
If I write a form and use it from my PC $ENV{'HTTP_REFERER'} is null
The problem is that using post/get in flash the $ENV{'HTTP_REFERER'} is always = www.domain.com
In oder word, how I can be sure that the request come from the swf put on my domain and not from a modified swf in your PC?
Thanks for help!