Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
P
P
pavelkunyavskiy2018-02-06 16:28:43
HTTP headers
pavelkunyavskiy, 2018-02-06 16:28:43

Is it possible to fake the Origin and Refer headers?

Is it possible?
For example, from specialized software like Postman.
Here, for example, I made a check on the NodeJS server side

if (!req.headers.origin || !req.headers.referer) {
    res.cookie('message', 'fuck you, hacker', {maxAge: 600000, httpOnly: true})
    res.send('fuck you, hacker')
    console.log('fuck you, hacker')
  }

But does it make sense if the title can be faked?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
I
InoMono, 2018-02-06
@InoMono

Of course, you can fake any headers in the web client.
But why?

Similar questions
D
Dmitry2021-11-02 03:22:48
How to redirect so that it doesn't block on mixed content? 0Reply
C
ca1zxmj2020-07-31 17:56:21
Does http have a gradual forwarding mechanism in 1 connection? 2Reply
K
Kevin Mitnick2016-04-10 15:27:35
PHP how to play audio from another server? 2Reply
M
Maxim2020-09-09 23:28:08
Not a valid Retrofit2 request: HTTP 404 Not found? 1Reply
A
Andrzej Wielski2016-06-23 12:25:14
How to fix Response in Laravel 5.1? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question