Posted by Rory Browne on 05/20/05 23:07

Not only can the user agent string be easly spoofed, but as a result
of its abuse by certain webmasters(mostly Banks) Browsers such as
Opera, and I believe Konqueror, have a setting that allows you to
change the user agent string as a configuration option.

The UserAgent is a hint. It is most definatly not a gurantee.

On 5/20/05, Graham Anderson <grahama@siren.cc> wrote:
> Can the server variable 'user agent' be modified/spoofed by the user?
>
> I have a bunch movies that I want to only open if the user agent
> contains Quicktime Player...
> In my case, if the user agent string contains Quicktime Player, a movie
> url is written for Quicktime to open....
> If the user agent contains a browser, I want php to deny access....not
> write the url for Quicktime to read
>
> is is possible for a script kiddie to spoof user agent server variables
> to fool the server ?
>
>
> many thanks :)
>
> g
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

• Next in forum: Re: [PHP] Can I prevent Server variables from being spoofed ?
• Prev in forum: Re: [PHP] Getting parameters from a URL coming from outside the site
• Thread view: Re: [PHP] Can I prevent Server variables from being spoofed ?

[Reply to this message]