Moderators (requests and notices)

You are reading a single comment by @Dammit and its replies. Click here to read the full conversation.

•

Dammit

Then the chap should learn about security and do the right thing on his server and return a HTTP 403 header.

That's what the 403 is for.

Look, read this: https://www.owasp.org/index.php/Using_referer_field_for_authentication_or_authorization

Using the referrer header for authentication is considered a vulnerability.

It remains... stupid.

So we are back to "he's too stupid to stop me, so it's ok"

About

Avatar for Dammit @Dammit started