On 2/15/07, Dennis Gilmore dennis@ausil.us wrote:
Once upon a time Thursday 15 February 2007, Arthur Pemberton wrote:
On 2/15/07, R P Herrold herrold@owlriver.com wrote:
On Thu, 15 Feb 2007, Dennis Gilmore wrote:
Did you look at the code like i asked last time ? IP's are not collected. the data is transmitted by post so there is is no way to tie a UUID to an ip
ummm ... don't be silly -- it is trivial to associate an originating IP to a POST
This test widget at http://www.herrold.com/post/ has this HTML code to the client:
<form method="post"> Digits only please: <input type="text" name="acme"><br> <input type="submit" name="show" value="show"> </form>
and reveals the REMOTE_ADDR quite readily.
The source PHP may be viewed at:
http://www.herrold.com/post/index.phps
-- Russ Herrold
I have to agree with this. Not that I think that this is specifically a problem. But it was false to imply that an HTTP Post is immune to IP harvesting.
sure it could be done if smolt was coded to do so but if it was in a GET it would be in the logs.
How does one establish an HTTP connection without making your IP available to the server?