[wp-hackers] Enable Sending Referrers

Denis de Bernardy denis at semiologic.com
Sun Aug 14 00:35:31 GMT 2005


I'd be curious to know the rational behind this defense mechanism. Like,
isn't it trivial to fake the referrer?

D.


> -----Original Message-----
> From: wp-hackers-bounces at lists.automattic.com 
> [mailto:wp-hackers-bounces at lists.automattic.com] On Behalf Of 
> Nathan White
> Sent: Saturday, August 13, 2005 5:28 PM
> To: wp-hackers at lists.automattic.com
> Subject: [wp-hackers] Enable Sending Referrers
> 
> 
> When using the admin controls I couldn't seem to get around 
> this error message:
> 
> "Sorry, you need to enable sending referrers for this feature 
> to work." I even went to the codex page that discusses the 
> proper settings in your browser, nothing has worked. What 
> would prevent my install from detecting the referrer?
> 
> As a temp fix I made the following modification inside the 
> "admin-functions.php"
> 
> 
> function check_admin_referer() {
>     $adminurl = strtolower( get_settings('siteurl') ) . '/wp-admin';
>     $referer = strtolower( $_SERVER['HTTP_REFERER'] );
>     if ( !strstr($referer, $adminurl) )
> //        die(__('Sorry, you need to <a 
> href="http://codex.wordpress.org/Enable_Sending_Referrers">ena
> ble sending referrers</a> for this feature to work.'));
>         $referer = "localhost";
>     do_action('check_admin_referer');
> }
> 
> 
> any explanation would be welcomed.
> 
> 



More information about the wp-hackers mailing list