[Web4lib] Referrer URL authentication

Gimon, Charles A CAGimon at mplib.org
Mon Dec 18 10:31:27 EST 2006


True. On the other hand, "If it's good enough for the vendor, it's good
enough for us." Compared to the annoying folderol we have to go through
with DRM'ed e-audiobooks, I don't mind validation by referrer so much.

Once in a while we'll run into someone who has security software or an
overzealous admin that blocks all referrer info, but that's fairly
uncommon.

--Charles Gimon 
  Web Coordinator
  Minneapolis Public Library


-----Original Message-----

Thomas Dowling wrote:

> Understand first that referer security is not secure.  It will
represent little more than a nuisance 
> to someone who seriously wants to get in, and anyone who knows a valid
referer to send can easily 
> find tools to fake that value in their browser headers.



More information about the Web4lib mailing list