Vote count:
0
I have a website with some php scripts, some of them are called in ajax.
I'd like some malicious users to call those scripts from another site, or from a dummy localhost site.
I thought about filtering the domain name, but with some tools like EasyPHP and virtual host managers, you can run a local website tricking the "domain" name.
I also thought about filtering the IP adress of the caller, but I guess that if you can trick the "domain" name, you can also trick the localhost IP.
So, how may I do this to have this security work fine ?
asked 17 secs ago
Preventing calls to php scripts from a localhost or from another domain
Aucun commentaire:
Enregistrer un commentaire