[thelist] Referer Headers
Ken Schaefer
ken at adOpenStatic.com
Fri Jul 16 05:36:42 CDT 2004
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From: "John Griffith" <john-thelist at host-it.co.uk>
Subject: [thelist] Referer Headers
: I have a few intranet pages here which link to
: some competitors websites, and I don't really
: want them to be able to see the referer
: headers in their log files, as they give away all
: sorts in internal information which for security
: reasons I don't want other people
: to see (the scripting language used, internal
: IP addresses, etc). Is there any way to ask a
: browser not to supply a referer header?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I'm not sure how you'd give out an IP address, unless you're using a
publicly resolvable DNS name.
As for the scripting language, you could obfuscate it. Map an arbitrary
extension to your processing engine. Then route all external links through a
"hand off" page, eg:
<a href="leave.blah?linkID=1">external site 1</a>
Cheers
Ken
More information about the thelist
mailing list