On 2/15/07, R P Herrold herrold@owlriver.com wrote:
On Thu, 15 Feb 2007, Dennis Gilmore wrote:
Did you look at the code like i asked last time ? IP's are not collected. the data is transmitted by post so there is is no way to tie a UUID to an ip
ummm ... don't be silly -- it is trivial to associate an originating IP to a POST
This test widget at http://www.herrold.com/post/ has this HTML code to the client:
<form method="post"> Digits only please: <input type="text" name="acme"><br> <input type="submit" name="show" value="show"> </form>
and reveals the REMOTE_ADDR quite readily.
The source PHP may be viewed at:
http://www.herrold.com/post/index.phps
-- Russ Herrold
I have to agree with this. Not that I think that this is specifically a problem. But it was false to imply that an HTTP Post is immune to IP harvesting.