Home > Archive > PERL CGI Beginners > March 2006 > referer throwing Internal Server Error
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
referer throwing Internal Server Error
|
|
| David Gilden 2006-03-13, 9:55 pm |
| Greetings from Cow Tow!
Here is my little script and it throwing a Internal Server Error....
#!/usr/bin/perl=20
use CGI qw/:standard/;
use CGI::Carp qw(fatalsToBrowser);
use POSIX 'strftime';
use strict;
my $referer =3D referer;=20
if ($referer !~ m|^https?://www\.coraconnection\.com|i) {
print "Your not authorized: Bad Referer: $referer \n";
} else {
print "all  : $referer \n";
}
I can not figure out what is wrong here....
and how secure is this, can it be spoofed easily??
Thanks.
Dave Gilden
(kora musician / audiophile / webmaster @ www.coraconnection.com / Ft. Wor=
th, TX, USA)
| |
|
| #!/usr/bin/perl
use CGI qw/:standard/;
use CGI::Carp qw(fatalsToBrowser);
use POSIX 'strftime';
use strict;
use warnings;
my $q = new CGI;
my $referer = $ENV{'HTTP_REFERER'} || 'foo.com';
print $q->header();
if ($referer !~ m|^https?://www\.coraconnection\.com|i) {
print "Your not authorized: Bad Referer: $referer \n";
} else {
print "all : $referer \n";
}
Sara.
----- Original Message -----
From: "David Gilden" <dowda@coraconnection.com>
To: <beginners-cgi@perl.org>
Sent: Tuesday, March 14, 2006 6:30 AM
Subject: referer throwing Internal Server Error
Greetings from Cow Tow!
Here is my little script and it throwing a Internal Server Error....
#!/usr/bin/perl
use CGI qw/:standard/;
use CGI::Carp qw(fatalsToBrowser);
use POSIX 'strftime';
use strict;
my $referer = referer;
if ($referer !~ m|^https?://www\.coraconnection\.com|i) {
print "Your not authorized: Bad Referer: $referer \n";
} else {
print "all : $referer \n";
}
I can not figure out what is wrong here....
and how secure is this, can it be spoofed easily??
Thanks.
Dave Gilden
(kora musician / audiophile / webmaster @ www.coraconnection.com / Ft.
Worth, TX, USA)
--
To unsubscribe, e-mail: beginners-cgi-unsubscribe@perl.org
For additional commands, e-mail: beginners-cgi-help@perl.org
<http://learn.perl.org/> <http://learn.perl.org/first-response>
| |
| David Dorward 2006-03-14, 3:55 am |
| On Mon, Mar 13, 2006 at 07:30:45PM -0600, David Gilden wrote:
> Here is my little script and it throwing a Internal Server Error....
Try running it from the command line:
<h1>Software error:</h1>
<pre>Missing right curly or square bracket at - line 13, at end of line
syntax error at - line 13, at EOF
Execution of - aborted due to compilation errors.
</pre>
> I can not figure out what is wrong here....
> and how secure is this, can it be spoofed easily??
The referer header is optional and very easily spoofed.
e.g. (if you have LWP installed)
GET -H'Referer: http://another.example.net' http://www.example.com/
--
David Dorward http://dorward.me.uk
|
|
|
|
|