homepage Welcome to WebmasterWorld Guest from
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Hardware and OS Related Technologies / Website Technology Issues
Forum Library, Charter, Moderators: phranque

Website Technology Issues Forum

How to enforce local referrers for images, stylesheets and scripts
Windows 2003

 9:48 am on Jun 18, 2010 (gmt 0)

Needing some help on this to pass a pen-test - any ideas?




 4:10 am on Jul 18, 2010 (gmt 0)

Hi aspdaddy,

Your question has been hanging around here for a while and I don't know if it is still relevant, but as I understand it, you want to make sure that calls for images, stylesheets and scripts all have a referrer from the same site as these files are located on. Is that a correct interpretation of the problem?


 1:22 am on Jul 19, 2010 (gmt 0)

Enforcing local referrers might break things for those whose browsers are configured not to send the referrer or are using an an Anonymous proxy server.
Just something to keep in mind.


 8:01 am on Jul 19, 2010 (gmt 0)

Intranet (i.e. you control, or can control, the browser) or Internet (you don't)?

You can also set up session handling and start a session on the referring page that you check for before serving the protected file (you can also check that both requests have the same user agent string, IP addresses in the same block etc).


 4:02 pm on Jul 22, 2010 (gmt 0)

Lammert - yes.
Status - Internet.


Global Options:
 top home search open messages active posts  

Home / Forums Index / Hardware and OS Related Technologies / Website Technology Issues
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved