0

I'm using the following simple PHP proxy script but am getting a sporadic message at the destination site.

I'm thinking that perhaps it may have something to do with the HTTP_REFERER header, although I'm not explicitly defining it.

Can anyone tell me how to explicitly turn off or leave the HTTP_REFERER header blank?

Thanks in advance!

$url = $_GET['path'];
readfile($path);
Bachalo
  • 6,965
  • 27
  • 95
  • 189
  • 1
    What message do you get? – Gumbo Jan 20 '10 at 16:04
  • 403 Forbidden: The server understood the request, but is refusing to fulfill it. In googling for the same error, I recall seeing an addition to this error, saying in effect to ensure the the HTTP_REFERER was blank. Anyways, am troubleshooting a variety of possibilities right now since it is a sporadic issue. – Bachalo Jan 20 '10 at 16:31
  • All right, so your *real* question is probably the exact opposite of your *actual* question: How do I send REFERER headers along with my request? :) – Pekka Jan 20 '10 at 16:45
  • ok ... How do I send REFERER headers along with my request?;) – Bachalo Jan 20 '10 at 18:22

1 Answers1

0

I don't think the HTTP wrapper to readfile() sends any special headers, let alone REFERER.

What leads you to the conclusion that it does?

Pekka
  • 442,112
  • 142
  • 972
  • 1,088
  • Agreed - I'm rather confused by the OP's question . – mr-sk Jan 20 '10 at 16:05
  • 2
    Sidenote: That snippet is a security concern: ie: host.com?path=../../etc/passwd $url = $_GET['path']; readfile($path); You get the idea? – mr-sk Jan 20 '10 at 16:06
  • 1
    @Mr-sk.... Better yet... `?path=../../../../../../../etc/passwd` to ensure you **get to the root of the problem** if you *know what I'm sayinnnn* (lol) – Corey Ballou Jan 20 '10 at 16:41