|
|
Posted by Johnny BeGood on 04/28/07 21:23
Thanks for all your help, guys!
Mark
"Rami Elomaa" <rami.elomaa@gmail.com> wrote in message
news:f10agn$ion$1@nyytiset.pp.htv.fi...
> Johnny BeGood kirjoitti:
>> Hi Michael,
>>
>> Perhaps I should explain, the user of the site, who will be the owner of
>> the phone will have volunteered that data in the first place, I just want
>> to be able to check that it is that actual phone that is logging on,
>
> There are alternative, better ways for authorizing the user.
>
>> this data is available throught HTTP Headers from the phone.
>
> No, it isn't. And even if it were, do you realize how easy it is to open
> pages with php and write custom headers. Say I want to hack in your
> system. Fine, I'll just open a socket with fsockopen, write the headers,
> insert your phone number in the headers and chi-ching, you're pwend.
> Secure? I don't think so, Tim.
>
>> I do agree with you on the privacy issue.
>
> Then you'll understand why it isn't in the headers. What makes you think
> it would be?
>
> If you don't believe me, just echo the entire header to see for yourself.
> <?php print_r(getallheaders()); ?> If the phone number was there, please
> let me know...
>
> --
> Rami.Elomaa@gmail.com
>
> "Wikipedia on vähän niinq internetin raamattu, kukaan ei pohjimmiltaan
> usko siihen ja kukaan ei tiedä mikä pitää paikkansa." -- z00ze
Navigation:
[Reply to this message]
|