Solved

Referring URL even when user typed in my url or used bookmark

Posted on 1998-09-24
3
187 Views
Last Modified: 2011-08-18
Hi,

I'm trying to display the URL the user came from. If he came with a link to my site, I can use the referrer value. But if he went to my site from his bookmarks / favourites list, this value is empty. The same when he typed in the location.

Is there a trick to achive the effect? See below what I try to do.... In words:

Onload of my (dummy) page, I generate a new window, put the opener window back one step and try to refer to the location of the window. See the errormessage I get within the comment tags within the HTML/JS below.

I tried several other things, like competely generate a page, including statements between <SCRIP></SCRIPT>, but that doesn't change much. Strange is that all JavaScript in the generated page is DISAPPEARED. So when I generate a page and write JavaScript to it, it's gone when I view the source of the generated window??????

I want this to work with all browsers that support JS. I understood that "window.opener" is not used in every JS capable browser. Is there an alternative?

----

<HTML>
<HEAD>
<TITLE></TITLE>

<SCRIPT LANGUAGE="JavaSCript">
<!-- HIDE FROM OTHER BROWSERS

function showWindow() {
window.history.back();     //this window back one step to get lost of this dummy page
GMWindow = window.open("", "GM", ",resizable=1,width=350,height=540");
GMWindow = window.open("", "GM", ",resizable=1,width=350,height=540");     //repeat for bug in some browsers
GMWindow.document.open();
GMWindow.document.writeln("<SCRIPT language=\"JavaScript\">");
GMWindow.document.writeln("document.write(\"You came from: \" + window.opener.location.href)");      //where was the user before he typed in a new location or selected a bookmark?
GMWindow.document.writeln("</SCRIPT>");                                                          //if (s)he came from a link, than "referrer" contains the url
GMWindow.document.close();
}

// STOP HIDING FROM OTHER BROWSERS -->
</SCRIPT>

</HEAD>

<BODY BGCOLOR="#FFFFFF" onLoad="showWindow()">

<!-- this is just a dummy page

The error message I get is:

access disallowed from scripts at http://127.0.0.1/test.html to documents at another domain.

-->

</BODY>
</HTML>
0
Comment
Question by:georgedb
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 75

Accepted Solution

by:
Michel Plungjan earned 60 total points
ID: 1271312
Firstly you are lucky that the script executes at all, the history.back loads another page before the script is done. At least use a setTimeout to allow the script to finish before you try to get the value of the previous page.

Secondly if your site is not where they came from, you will only be allowed to read the href in a sigend script in Netscape 4
This is a security thing to stop people from snooping.
You will have to live with the referrer


Lastly To have an opener where opener is not supported do a
WinID = window.open('','newwin);
if (!WinID.opener) WinID.opener = self;

Michel
0
 

Author Comment

by:georgedb
ID: 1271313
But why isn't the second <SCRIPT></SCRIPT> pair not visible in the source of the generated window? In what order does a browser load a page and execute code?

Your answer proposes the use of a setTimeout thing.... What exactly do you mean by that? Isn't it always that a page/script is completely loaded first before it's executed?

The answer is satisfactory, it's a real pain that referrer isn't filled with the url of the last page of the active browser window. I can imagine that it's a privacy thing that I can't get access to their whole historylist.....


Cheers,


George
0
 
LVL 75

Expert Comment

by:Michel Plungjan
ID: 1271314
Netscape has lately (since 4.05?) taken to not show the script that generates the html - annoying but there you are - it is actually quite good for protecting scripts from casual copying...

The setTimeout will defer the execution - perhaps - it all comes down to scope - where does the script execute...

Yes it is a security thing, you can get around it with a signed script that allows UniversalBowserRead (Netscape only) but htat is a bit overdoing things...

Michel
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Having worked on larger scale sites, we found out that you are bound to look at more scalable solutions to integrating widgets, code snippets or complete applications and mesh them into functional sites, in any given composition. To share some of…
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question