
Referrer spam and XSS

Following on from the "silkenladies.com" referrer incidents (heh heh. Now plugged!) I feel I should award Wolfgang for his persistence, so here we go. If you know German, check out his article on cross-site scripting which principally deals with the dodginess inherent in displaying referrer logs. He even links to my 'Simple referrers' article. Well, the clue's in the title: simple referrers. Of course there's a risk in presenting unmoderated "external" material on one's site, but that's the nature of the game. For this site, the benefits far outweigh the downside. If you've implemented my code, you'll see it's pretty easy to filter stuff, so over to you!
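As an added example (not the 'Simple referrers' code, which this page does not show), here is one way to filter and escape referrer entries before displaying them. The function names, the blocklist and the sample log values are constructed for illustration.

```javascript
// Added example: filter and escape Referer values before showing them on a page.
// All names below are hypothetical; the sample values are constructed.

// Constructed sample of raw Referer header values as they might sit in a log.
const SAMPLE_REFERRERS = [
  'https://example.org/blog/post?id=1&ref=a',
  'http://spam.example/"><script>alert(1)</script>',
  'javascript:alert(document.cookie)',
  'https://silkenladies.com/',
  'not a url',
];

// Hypothetical blocklist of hosts that should never be displayed.
const BLOCKED_HOSTS = new Set(['silkenladies.com']);

const HTML_ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Escape the characters that are significant in HTML text and quoted attributes.
function escapeHtml(s) {
  return s.replace(/[&<>"']/g, (c) => HTML_ENTITIES[c]);
}

// Return a safe <li> for one referrer, or null when the entry should be dropped.
function renderReferrer(raw) {
  let url;
  try {
    url = new URL(raw); // parsing also percent-encodes ", < and > in the URL
  } catch {
    return null; // not a parseable absolute URL
  }
  // Only web links may become an href; this rejects javascript:, data:, etc.
  if (url.protocol !== 'http:' && url.protocol !== 'https:') return null;
  const host = url.hostname.replace(/^www\./, '');
  if (BLOCKED_HOSTS.has(host)) return null;
  // Escape on output even after parsing: "&" and "'" are still raw in url.href.
  const href = escapeHtml(url.href);
  return `<li><a href="${href}" rel="nofollow noopener">${escapeHtml(host)}</a></li>`;
}

// Render a whole log, silently dropping rejected entries.
function renderReferrerList(raws) {
  return raws.map(renderReferrer).filter(Boolean);
}
```

Showing only the host as link text keeps attacker-chosen paths and query strings out of the visible page, and `rel="nofollow"` removes the search-ranking incentive for referrer spam.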


