I apologize if I’ve asked this before you guys. but I use include() and header() a lot. I want to put a spec in a config or ini that disallows full url’s in both of those functions, and only accepts relative URI’s from the same domain. where would I put such a spec? I’m using goDaddy, and neither in the PHP options nor extensions is there such a setting.
thanks.
What is the actual problem you are trying to solve by wanting to do this?
it’s not necessarily an issue, but I would rather not put full URLs into these functions, but relative paths only. and I believe someone here told me a while back that using full URLs is not a secure thing to do. is that right?
It is handled specifically in the code written. Unless you are doing something really funky, a user cannot change anything entered into those functions.
I understand astone. I guess what im to get out of this thread is that there isnt much difference between putting a full URL into these functions vs. Putting a shortened URI in. Is that correct? If there isnt, then this thread was pretty much pointless so i apologize if that happened.