Menu
Is this property spoofable, or 100% trustworthy?
I want to be certain a request is coming from my box only. I have to add this sentence because I can't ask simple questions.
822
Unless someone manipulates your TCP stack it is fully trustable.
it basically is an analysis of the network stack from the IIS layer on whether the request originated locally - most likely by coming from a 127.0.0.x address (yes, localhost is the whole at that time C network, not just 127.0.0.1).
There is no way to establish a TCp connection with a fake origin, so this data can be trusted.
http://forums.asp.net/t/1065813.aspx/1
indicates via decompiling it checks on 127.0.0.1 and ::1 - both are the common localhost addresses.
Again, and still, this is totally not fakeable unless you manipualte the network stack or the .net framework classes.
125
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
