Score:0

How can a url param '?i=1' detect a browser?

Sam

profreehost claims that a '?i=1' URL GET param can protect their servers. I wondered how. I did use Google before asking this question, but all the results were about how they are for security and how to remove them (if you have SSH access). I wanted to know the principles and maybe try to implement one on my own (VPS) site. I guess the answer lies in the behavior of browsers.

Score:0
bob

The parameter in itself is not the security mechanism; the security mechanism / browser check is the ability of the browser to store and use a cookie...

The pseudo logic is something along the lines of:

  1. If a cookie is set:
    -> assume that only "real browsers" can use cookies and show the page

  2. If no cookie is set:
    -> When URL parameter i is set and greater than 3 show error (assume that a browser that will follow multiple redirects but won't store cookies is not a real browser and/or broken)
    -> ELSE
    --> set the cookie
    --> increment i with 1
    --> return a redirect to URL?i=$i

Sam
Thanks, you mean the server will check whether the cookie is set? So when, in your flow, should it do so? Implementing this will result in losing the benefit of a CDN, as a CDN should not cache anything with a cookie, right? And what should the cookie contain? Creation time, UA, IP?
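
The pseudo logic from bob's answer as a runnable sketch. This is an added example, not part of the original thread and not profreehost's actual implementation. The cookie name and value, the 403 status and the `example.test` URL are assumptions; the threshold of 3 comes from the answer.

```python
from http.cookies import SimpleCookie
from urllib.parse import urlsplit, urlunsplit, parse_qs, urlencode

COOKIE_NAME = "bc"    # hypothetical cookie name
COOKIE_VALUE = "1"    # constructed marker; the answer does not say what the cookie holds
MAX_I = 3             # from the answer: error once i is greater than 3


def browser_check(url, cookie_header=""):
    """Return (status, headers, body) for one request, following the answer's flow."""
    jar = SimpleCookie(cookie_header)
    if COOKIE_NAME in jar and jar[COOKIE_NAME].value == COOKIE_VALUE:
        return 200, {}, "page content"    # cookie came back: show the page

    parts = urlsplit(url)
    query = parse_qs(parts.query)
    try:
        i = int(query.get("i", ["0"])[0])
    except ValueError:
        i = 0                             # non-numeric i is treated as unset
    if i > MAX_I:
        # Client followed several redirects but never returned the cookie.
        return 403, {}, "cookies are required to view this site"

    query["i"] = [str(i + 1)]             # increment i and redirect to URL?i=$i
    target = urlunsplit(parts._replace(query=urlencode(query, doseq=True)))
    headers = {
        "Set-Cookie": f"{COOKIE_NAME}={COOKIE_VALUE}; Path=/; HttpOnly",
        "Location": target,
    }
    return 302, headers, ""


def simulate(url, keeps_cookies, limit=10):
    """Drive browser_check as a client that does or does not store cookies."""
    cookie, trail = "", []
    for _ in range(limit):
        status, headers, _body = browser_check(url, cookie)
        trail.append((status, url))
        if status != 302:
            break
        url = headers["Location"]         # follow the redirect
        if keeps_cookies:
            cookie = headers["Set-Cookie"].split(";", 1)[0]
    return trail
```

A client that stores cookies reaches the page after one redirect (`?i=1`), while a client that follows redirects without storing cookies is stopped at `?i=4`.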