Thanks for the precious information. I've sent a request to paypal asking for suggestions. I will post to the list once I got the answer.
--- Bob Showalter <[EMAIL PROTECTED]> wrote: > > -----Original Message----- > > From: Shao-Ju Chao [mailto:[EMAIL PROTECTED]] > > Sent: Wednesday, July 24, 2002 9:49 AM > > To: [EMAIL PROTECTED] > > Subject: Re: HTTP_REFERER > > > > > > Thanks. I was setting up some Paypal stuff and want to make > > sure that the user is > > actually coming from Paypal (https://www.paypal.com.....) and > > then come to my web page to > > ativate their account. The "return" link is on Paypal and > > when they click the link and > > return, I checked the HTTP_REFERER and expect it to be > > "https://www.paypal.com..."; but it > > wasn't. > > Per RFC 2616, clients are not supposed to send a Referer header > in a non-secure request when the referring page used a secure > transfer (https). > > -- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > ===== Shao-Ju Chao (Bruce) Do you Survey!? Go to http://www.surveyanywhere.com and create your own survey. __________________________________________________ Do You Yahoo!? Yahoo! Health - Feel better, live better http://health.yahoo.com -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
