[thelist] PHP 302 redirects maintains referer

Bojan Tesanovic btesanovic at gmail.com
Fri Jun 29 10:03:20 CDT 2007


Thanks guys,

I found out that referer is set by browser so there is no way to inject it via server side.
But you can force browser to set referer of site B via JavaScript 'window.location.href=siteC'
only works in FF in IE referer is removed, and best for me in this case is to do META REFRESH that will clear referer
header which is better for my case.

Thanks again.

Paul Waring wrote:
> On Fri, Jun 29, 2007 at 12:03:54AM +0200, Bojan Tesanovic wrote:
>> I have a problem with 302 redirects
>> So we have site A that points to site B then site B does some logging and redirects to site C
>> what I happens is that when site B do 302 redirect site C sees site A as referer site not site B
> 
> As far as I'm aware, that's the intended behaviour - the referer field
> (which you shouldn't rely on anyway as there's no guarantee of it being
> set to the correct value, or anything for that matter) is carried over
> redirects. If you can modify site C to get the referer value from
> somewhere else, you could always pass it in as another parameter, e.g.:
> 
> 1. User click a link on site A
> 2. User is redirected to site B
> 3. Site B takes a note of the referrer and redirects to site C:
> http://sitec/product-999/siteBreferrer
> 
> If you see what I mean. If you can't modify site C then I think the only
> way to get the referer value of site B is to have a link on site B to
> site C. As I said earlier though, you *really* shouldn't rely on this
> behaviour anyway as it's not guaranteed to work.
> 
> Paul


-- 
Bojan Tesanovic
http://www.classicio.com/



More information about the thelist mailing list