I'm at an agency that is not permitted to let the internal IPs of the
web servers get out. Since we support
many different applications, its difficult to filter all the content
being uploaded to the web servers (500+ apps).
How can i block or set the return value to an empty string for a
server variable such as LOCAL_ADDR
PJ
On Sep 21, 1:09 pm, Pirooz Javan
> I'm at an agency that is not permitted to let the internal IPs of the
> web servers get out. Since we support
> many different applications, its difficult to filter all the content
> being uploaded to the web servers (500+ apps).
>
> How can i block or set the return value to an empty string for a
> server variable such as LOCAL_ADDR
>
> PJ
What you want to do is impossible. There is no access control model
for server variables. Besides, it is not possible for the server to
filter its applications to prevent leakage of internal IP. The
security policy of this agency needs to be revised because it is not
enforceable.
//David
http://w3-4u.blogspot.com
http://blogs.msdn.com/David.Wang
//