
How secure is a header redirect? Can it be bypassed?

How secure are header redirects? As I understand it, the header information instructs the browser what to do. Therefore, if the header location is set to some other place, can the browser still be made to land on the initial page?

if(!$loggedin){
    header('Location: someotherpage.php');
}

If someone, (cough cough) forgot to use an exit command after the header, could someone still land on that page?

Altimus Prime asked Feb 22 '12 23:02



1 Answer

If someone, (cough cough) forgot to use an exit command after the header, could someone still land on that page?

Sure - rather than land on that page (which he already has), forgetting an exit() means the client can still see any data emitted after those lines. Nobody can force the client to leave immediately after receiving a Location: header. That action is entirely voluntary.

Pekka answered Oct 19 '22 22:10

Pekka