I have some limited access pages which can only be accessed if the
HTTP_REFERER is a specific page. This prevents access by scripts etc.
It has been working well, but one client runs foul of the filter because
his browser (IE) doesn't seem to pass the HTTP_REFERER variable.
Normal requests look like this in the referer log:
http://www.myserver.com/publicpage.php -> /restrictedpage.php
the client in question shows as:
- -> /restrictedpage.php
which is what you see if you go directly to the page by typing te address
into the address bar.
Does anyone know if this is a browser configurable thing, ...