Blocking Header Redirects
Posted: Fri Jan 02, 2009 4:02 am
In most of my web apps, there are pages that unauthenticated users can not access. If this conditional fails, then it redirects them with the header('Location: login.php '). or something similar.
How does this work? I mean, is it client side, in that the browser can ignore this redirect, and continue on the site? I mean, if there's a way to block the header redirect, they'd have access to the page.
In the past I've put exit after the header() for this reason, but I've never known how it works. Is it possible to stop an HTTP redirect?
How does this work? I mean, is it client side, in that the browser can ignore this redirect, and continue on the site? I mean, if there's a way to block the header redirect, they'd have access to the page.
In the past I've put exit after the header() for this reason, but I've never known how it works. Is it possible to stop an HTTP redirect?