Hi:
Been thinking about security recently, and thought I would toughen things up on my site. So I wrote a quick little $ENV(HTTP_REFERER} check as a subroutine, and add a call to it where needed, anytime a user has input (Like reviews, bad link reports, etc.).
As I added it to add.cgi, I noticed a GT version of this same subroutine, with a call to 'db_referers' in config. Cool!
OK, here is my question... HOW do I put the OK referers in there.... like this:
"www.bcdb.com" , "www.cartoondb.com" , "www.cartoon-db.com"
or like this:
www.bcdb.com, www.cartoondb.com, www.cartoon-db.com
(This ALWAYS confuses me. )
Thanks!
dave
Been thinking about security recently, and thought I would toughen things up on my site. So I wrote a quick little $ENV(HTTP_REFERER} check as a subroutine, and add a call to it where needed, anytime a user has input (Like reviews, bad link reports, etc.).
As I added it to add.cgi, I noticed a GT version of this same subroutine, with a call to 'db_referers' in config. Cool!
OK, here is my question... HOW do I put the OK referers in there.... like this:
"www.bcdb.com" , "www.cartoondb.com" , "www.cartoon-db.com"
or like this:
www.bcdb.com, www.cartoondb.com, www.cartoon-db.com
(This ALWAYS confuses me. )
Thanks!
dave