On Tue, 19 Nov 2002, Adrian Chadd wrote: > On Tuesday, November 19, 2002, at 01:16 PM, Lucian Daniel Kafka wrote: [..] > >> In other words, the HTTP_X_FORWARDED_FOR is user-suplied data - it's > >> not to be trusted. > > > > > > But that's not the issue - it's like the locks on the door - really > > there to keep the honest people away. It's easier to get around the > > lookup limits in other ways that generating custom request headers... > > Well, if you want a reasonably foolproof setup why not ask ausregistry > to implement > an authenticated whois-style system? Then you can perform some useful > statistical > checks on the access patterns. Sure why not, but meanwhile how hard is it to set your AnyBrowser to not use the proxy cache for ausregistry.com.au if you do want to use HTTP? Cheers, IanReceived on Fri Oct 03 2003 - 00:00:00 UTC
This archive was generated by hypermail 2.3.0 : Sat Sep 09 2017 - 22:00:06 UTC