Always present headers?
I want to ask if the following headers are always present in a request:
HTTP_ACCEPT_LANGUAGE,
HTTP_USER_AGENT,
REMOTE_ADDR
I plan on using them to modify sensitive information, but I need to be
sure that they will always be present in a non-threat-intended request. In
other words it will be ok if someone purposely removes any of them, but in
order for ordinary users to be able to use my application they will need
all 3 of them. Is there any type of standard that requires certain headers
to be sent?
No comments:
Post a Comment