Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived General Discussion Accept request from my app only
Accept request from my app only
  • El Forum
    Guest
  •  
#5
09-19-2008, 08:14 AM

[eluser]Pascal Kriete[/eluser]
IP addresses are easy to spoof, particularly on packet level. The problem is that if you've spoofed the ip address you'll need to be around the server - usually in the same subnet - to catch the response.

I would go with a mix of ideas. Filter the ip (.htaccess filtering is easiest), and also send a unique token.
Most forms in your application should have a token anyways, to prevent csrf exploits.


Messages In This Thread
Accept request from my app only - by El Forum - 09-18-2008, 10:30 PM
Accept request from my app only - by El Forum - 09-19-2008, 12:23 AM
Accept request from my app only - by El Forum - 09-19-2008, 12:53 AM
Accept request from my app only - by El Forum - 09-19-2008, 07:34 AM
Accept request from my app only - by El Forum - 09-19-2008, 08:14 AM
Accept request from my app only - by El Forum - 09-19-2008, 09:15 PM
Accept request from my app only - by El Forum - 09-20-2008, 11:39 AM



Theme © iAndrew 2016 - Forum software by © MyBB