> header( "HTTP/1.0 404 Not Found" ); Wrong, the redirector is a gateway. And the code you provided allows attacks to the SF servers and an XSS vulnerability. Regards, -- Raphael Geissert - Debian Maintainer www.debian.org - get.debian.net