a servlet/jsp question and HTTP_REFERER
Posted on 2006-11-07
i have a jsp authentication form that posts to a servlet.
if the authentication fails(ie bad username) i want to send back message to the calling jsp.
i was going to use HTTP_REFERER and just send the message back to HTTP_REFERER , but i have been doing some reading and it appears that HTTP_REFERER is not dependable. That some tools like norton will block this
so does any but know this for sure and how do other people handle this. For now i have a myreferer hidden in the jsp, but seems a little kludgy
Thanks for any help