The referer header can be easily modified, so what are some reliable ways to get this info? A third-party service like recaptcha?I'm fiddling with a public API for contact form requests but I only want to allow requests from two domain names distinctly. Is this impossible in theory? I.e., if the API is public, it can always be spoofed?
Submitted May 30, 2017 at 04:44PM by SomeRandomBuddy
No comments:
Post a Comment