My service can use referrer information to let me know from which website the request is made, and I would like to make sure that there is no way to fake referrer information.
Link can be easily faked.Using a referrer is very unreliable as a verification method.
There is a firefox plugin called refspoof to make this very easy.
Even command line tools like wget have the following features: --referer=url
--referer=url
. , .
, . : .
Ever.
, , User-Agent referrer ( , PHP - ).
, .
, . , .
Source: https://habr.com/ru/post/1768813/More articles:Get a class? - reflectionGlassfish, EJB3, SOAP Web Service and Basic Authentication - authenticationPHP security sha2: & $ salt = null? - functionWhere should I put the main implementation in a project with several Maven modules? - javaPeriodically update images on a page - javascriptPHP - How to read message data without a key? - phpWhat are the official FrameworkNames? - .netDocumenting implicit input parameters like $ _SESSION - phporg-Agenda-skip-function does not work - emacsIn WPF, how to properly align menu items while maintaining keyboard shortcuts? - c #All Articles