[wp-hackers] Enable Sending Referrers
Denis de Bernardy
denis at semiologic.com
Sun Aug 14 00:35:31 GMT 2005
I'd be curious to know the rational behind this defense mechanism. Like,
isn't it trivial to fake the referrer?
D.
> -----Original Message-----
> From: wp-hackers-bounces at lists.automattic.com
> [mailto:wp-hackers-bounces at lists.automattic.com] On Behalf Of
> Nathan White
> Sent: Saturday, August 13, 2005 5:28 PM
> To: wp-hackers at lists.automattic.com
> Subject: [wp-hackers] Enable Sending Referrers
>
>
> When using the admin controls I couldn't seem to get around
> this error message:
>
> "Sorry, you need to enable sending referrers for this feature
> to work." I even went to the codex page that discusses the
> proper settings in your browser, nothing has worked. What
> would prevent my install from detecting the referrer?
>
> As a temp fix I made the following modification inside the
> "admin-functions.php"
>
>
> function check_admin_referer() {
> $adminurl = strtolower( get_settings('siteurl') ) . '/wp-admin';
> $referer = strtolower( $_SERVER['HTTP_REFERER'] );
> if ( !strstr($referer, $adminurl) )
> // die(__('Sorry, you need to <a
> href="http://codex.wordpress.org/Enable_Sending_Referrers">ena
> ble sending referrers</a> for this feature to work.'));
> $referer = "localhost";
> do_action('check_admin_referer');
> }
>
>
> any explanation would be welcomed.
>
>
More information about the wp-hackers
mailing list